Vulnerabilities affecting this package (0)
| Vulnerability |
Summary |
Fixed by |
|
This package is not known to be affected by vulnerabilities.
|
Vulnerabilities fixed by this package (2)
| Vulnerability |
Summary |
Aliases |
|
VCID-cq4m-3q7u-cbg3
|
Remote code execution in PHPMailer
### Impact
The `mailSend` function in the default `isMail` transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted `Sender` property.
### Patches
Fixed in 5.2.18
### Workarounds
Filter and validate user input before passing it to internal functions.
### References
https://nvd.nist.gov/vuln/detail/CVE-2016-10033
Related to a follow-on issue in https://nvd.nist.gov/vuln/detail/CVE-2016-10045
### For more information
If you have any questions or comments about this advisory:
* Open a private issue in [the PHPMailer project](https://github.com/PHPMailer/PHPMailer)
|
CVE-2016-10033
GHSA-5f37-gxvh-23v6
|
|
VCID-xrtk-1rmg-7uca
|
Remote code execution in PHPMailer
### Impact
The `isMail` transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the `mail` command and consequently execute arbitrary code by leveraging improper interaction between the `escapeshellarg` function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.
This issue really emphasises that it's worth avoiding the built-in PHP `mail()` function entirely.
### Patches
Fixed in 5.2.20
### Workarounds
Send via SMTP to localhost instead of calling the `mail()` function.
### References
https://nvd.nist.gov/vuln/detail/CVE-2016-10045
See also https://nvd.nist.gov/vuln/detail/CVE-2016-10033
### For more information
If you have any questions or comments about this advisory:
* Open a private issue in [the PHPMailer project](https://github.com/PHPMailer/PHPMailer)
|
CVE-2016-10045
GHSA-4pc3-96mx-wwc8
|