|
|
CVE Reference: CVE-2007-1717 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-1717 |
|
|
Description: The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ ('\0') byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases when the trailing contents of e-mail messages are important, such as logging information or if the message is expected to be well-formed. |
|
|
CVE Status: Candidate |
|
|
References: SUSE http://www.novell.com/linux/security/advisories/2007_32_php.html SAID Secunia Advisory: SA25056 Secunia Advisory: SA25445 Secunia Advisory: SA26235 MISC http://www.php-security.org/MOPB/MOPB-33-2007.html GENTOO http://security.gentoo.org/glsa/glsa-200705-19.xml CONFIRM http://docs.info.apple.com/article.html?artnum=306172 http://us2.php.net/releases/5_2_2.php http://us2.php.net/releases/4_4_7.php BID 23146 25159 APPLE http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html |
|
| Return to the previous page. |
