Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote attackers to read and write arbitrary files via a crafted $recipients parameter, and possibly other parameters, a different vulnerability than CVE-2009-4023.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-11-28T18:00:00

Updated: 2024-08-07T06:54:09.376Z

Reserved: 2009-11-28T00:00:00

Link: CVE-2009-4111

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-11-29T13:07:52.890

Modified: 2024-11-21T01:08:57.187

Link: CVE-2009-4111

cve-icon Redhat

Severity : Important

Publid Date: 2009-05-07T00:00:00Z

Links: CVE-2009-4111 - Bugzilla