CVE-2001-1246
published 2001-06-30CVE-2001-1246: PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers…
PriorityP337high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
9.72%
94.9th percentile
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | 4.0.5 – 4.1.0 | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7pf5-hfgr-ch72: PHP 4
ghsa_unreviewed·2022-04-30
CVE-2001-1246 [HIGH] CWE-88 GHSA-7pf5-hfgr-ch72: PHP 4
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
Red Hat
security flaw
vendor_redhat·2001-06-30·CVSS 7.5
CVE-2001-1246 [HIGH] security flaw
security flaw
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
No detection rules found.
CWE
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
mitre_cwe
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
This weakness can lead to a vulnerability in environments in which the attacker does not have direct access to the operating system, such as in web applications. Alternately, if the weakness occurs in a privileged program, it could allow the attacker to specify commands that normally would not be accessible, or to call alternate commands with privileges that the attacker does not have. The problem is exacerbated if the compro
CWE
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
mitre_cwe
CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
The product constructs a string for a command to be executed by a separate component
in another control sphere, but it does not properly delimit the
intended arguments, options, or switches within that command string.
When creating commands using interpolation into a string, developers may assume that only the arguments/options that they specify will be processed. This assumption may be even stronger when the programmer has encoded the command in a way that prevents separate commands from being provided maliciously, e.g. in the case of shell metacharacters. When constructing the command, the developer may use whitespace or other delimiters that are required to separate arguments when the command. H
http://online.securityfocus.com/archive/1/194425http://www.iss.net/security_center/static/6787.phphttp://www.php.net/do_download.php?download_file=php-4.1.2.tar.gzhttp://www.redhat.com/support/errata/RHSA-2002-102.htmlhttp://www.redhat.com/support/errata/RHSA-2002-129.htmlhttp://www.redhat.com/support/errata/RHSA-2003-159.htmlhttp://www.securityfocus.com/bid/2954http://online.securityfocus.com/archive/1/194425http://www.iss.net/security_center/static/6787.phphttp://www.php.net/do_download.php?download_file=php-4.1.2.tar.gzhttp://www.redhat.com/support/errata/RHSA-2002-102.htmlhttp://www.redhat.com/support/errata/RHSA-2002-129.htmlhttp://www.redhat.com/support/errata/RHSA-2003-159.htmlhttp://www.securityfocus.com/bid/2954
2001-06-30
Published