CVE-2006-1014

Severity

32%

Complexity

31%

Confidentiality

81%

This vulnerability affects all versions of PHP from 4.0.x through 5.1.x

Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent attackers to read and create arbitrary files by providing extra -C and -X arguments to sendmail. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE.

This vulnerability affects all versions of PHP from 4.0.x through 5.1.x

CVSS 2.0 Base Score 3.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:S/C:P/I:P/A:N).

Overview

Type

PHP PHP

First reported 18 years ago

2006-03-07 00:02:00

Last updated 6 years ago

2018-10-18 16:30:00

Affected Software

PHP PHP 4.0.0

4.0.0

PHP PHP 4.3.3

4.3.3

PHP PHP 4.3.4

4.3.4

PHP PHP 4.3.5

4.3.5

PHP PHP 4.3.6

4.3.6

PHP PHP 4.3.7

4.3.7

PHP PHP 4.3.8

4.3.8

PHP PHP 4.3.9

4.3.9

PHP PHP 4.3.10

4.3.10

PHP PHP 4.3.11

4.3.11

PHP PHP 4.4.0

4.4.0

PHP PHP 4.4.1

4.4.1

PHP PHP 5.0.0

5.0.0

PHP PHP 5.0.0 Beta1

5.0.0

PHP PHP 5.0.0 Beta2

5.0.0

PHP PHP 5.0.0 Beta3

5.0.0

PHP PHP 5.0.0 Beta4

5.0.0

PHP PHP 5.0.0 RC1

5.0.0

PHP PHP 5.0.0 RC2

5.0.0

PHP PHP 5.0.0 RC3

5.0.0

PHP PHP 5.0.1

5.0.1

PHP PHP 5.0.2

5.0.2

PHP PHP 5.0.3

5.0.3

PHP PHP 5.0.4

5.0.4

PHP PHP 5.0.5

5.0.5

PHP PHP 5.1.0

5.1.0

References

18694

Exploit, Patch, Vendor Advisory

19979

SUSE-SA:2006:024

23534

20060228 (PHP) mb_send_mail security bypass

16878

ADV-2006-0772

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.