Security Advisory

CVE-2009-4023

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-11-28 17:00:00

Last updated 2024-08-07 06:45:51

Assigner redhat

State PUBLISHED

Description

Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.

← Browse all CVEs View on cve.org ↗