|Description||CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a "\r\n\t\n" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)|
|References||DSA-1282-1, DSA-1283-1, DTSA-39-1, DTSA-40-1|
|NVD severity||high (attack range: remote)|
Vulnerable and fixed packages
The table below lists information on source packages.
The information below is based on the following data on fixed versions.
[sarge] - php4 <not-affected> (Vulnerable code not present)