icon

We found results for “

CVE-2012-0796

Good to know:

icon

Date: July 17, 2012

class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header.

Language: PHP

Severity Score

Severity Score

Weakness Type (CWE)

Code Injection

CWE-94

Top Fix

icon

Upgrade Version

Upgrade to version v1.9.16,v2.0.7,v2.1.4,v2.2.1

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): SINGLE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us