CVE-2012-0796
N/A
N/A
Summary
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://moodle.org/mod/forum/discuss.php?d=194015
- http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=62988bf0bbc73df655f51884aaf1f523928abff9
- http://www.debian.org/security/2012/dsa-2421
- https://bugzilla.redhat.com/show_bug.cgi?id=783532
References
- http://moodle.org/mod/forum/discuss.php?d=194015
- http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=62988bf0bbc73df655f51884aaf1f523928abff9
- http://www.debian.org/security/2012/dsa-2421
- https://bugzilla.redhat.com/show_bug.cgi?id=783532
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.