← Back to branch summary

~wgrant/ubuntu-cve-tracker/main

« back to all changes in this revision

Viewing changes to retired/CVE-2006-1014

  • Committer: Kees Cook
  • Date: 2008-09-19 21:55:36 UTC
  • Revision ID: kees.cook@canonical.com-20080919215536-xv2fttw2hoozmih4
update all Publication Dates

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2006-1014
1
1
Candidate: CVE-2006-1014
2
2
References:
3
3
Description:
 
4
 Argument injection vulnerability in certain PHP 4.x and 5.x applications,
 
5
 when used with sendmail and when accepting remote input for the
 
6
 additional_parameters argument to the mb_send_mail function, allows
 
7
 context-dependent attackers to read and create arbitrary files by providing
 
8
 extra -C and -X arguments to sendmail.  NOTE: it could be argued that this
 
9
 is a class of technology-specific vulnerability, instead of a particular
 
10
 instance; if so, then this should not be included in CVE.
4
11
Ubuntu-Description:
5
12
Notes:
6
13
Bugs: