← voltar
CVE-2007-1900

CVE-2007-1900

EPSS 2.3%
CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address string.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795http://secunia.com/advisories/24824http://secunia.com/advisories/25056http://secunia.com/advisories/25057http://secunia.com/advisories/25062http://secunia.com/advisories/25445http://secunia.com/advisories/25535http://secunia.com/advisories/26231http://secunia.com/advisories/27037http://secunia.com/advisories/27102http://secunia.com/advisories/27110http://security.gentoo.org/glsa/glsa-200705-19.xml