{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-08-23T00:00:00", "descriptions": [{"lang": "en", "value": "Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-11-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=105760591228031&w=2"}, {"name": "DSA-168", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2002/dsa-168"}, {"name": "php-mail-safemode-bypass(9966)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9966"}, {"name": "20020823 PHP: Bypass safe_mode and inject ASCII control chars with mail()", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=103011916928204&w=2"}, {"name": "RHSA-2002:243", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"}, {"name": "RHSA-2003:159", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"}, {"name": "MDKSA-2003:082", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082"}, {"name": "CSSA-2003-008.0", "tags": ["vendor-advisory", "x_refsource_CALDERA"], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt"}, {"name": "SuSE-SA:2002:036", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html"}, {"name": "CLA-2002:545", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545"}, {"name": "RHSA-2002:213", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-213.html"}, {"name": "RHSA-2002:248", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"}, {"name": "RHSA-2002:244", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"}, {"name": "2111", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/2111"}, {"name": "RHSA-2002:214", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-214.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0985", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=105760591228031&w=2"}, {"name": "DSA-168", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-168"}, {"name": "php-mail-safemode-bypass(9966)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9966"}, {"name": "20020823 PHP: Bypass safe_mode and inject ASCII control chars with mail()", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=103011916928204&w=2"}, {"name": "RHSA-2002:243", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"}, {"name": "RHSA-2003:159", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"}, {"name": "MDKSA-2003:082", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082"}, {"name": "CSSA-2003-008.0", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt"}, {"name": "SuSE-SA:2002:036", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html"}, {"name": "CLA-2002:545", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545"}, {"name": "RHSA-2002:213", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-213.html"}, {"name": "RHSA-2002:248", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"}, {"name": "RHSA-2002:244", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"}, {"name": "2111", "refsource": "OSVDB", "url": "http://www.osvdb.org/2111"}, {"name": "RHSA-2002:214", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-214.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T03:12:16.384Z"}, "title": "CVE Program Container", "references": [{"name": "20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=105760591228031&w=2"}, {"name": "DSA-168", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2002/dsa-168"}, {"name": "php-mail-safemode-bypass(9966)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9966"}, {"name": "20020823 PHP: Bypass safe_mode and inject ASCII control chars with mail()", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=103011916928204&w=2"}, {"name": "RHSA-2002:243", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"}, {"name": "RHSA-2003:159", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"}, {"name": "MDKSA-2003:082", "tags": ["vendor-advisory", "x_refsource_MANDRAKE", "x_transferred"], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082"}, {"name": "CSSA-2003-008.0", "tags": ["vendor-advisory", "x_refsource_CALDERA", "x_transferred"], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt"}, {"name": "SuSE-SA:2002:036", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html"}, {"name": "CLA-2002:545", "tags": ["vendor-advisory", "x_refsource_CONECTIVA", "x_transferred"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545"}, {"name": "RHSA-2002:213", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2002-213.html"}, {"name": "RHSA-2002:248", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"}, {"name": "RHSA-2002:244", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"}, {"name": "2111", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/2111"}, {"name": "RHSA-2002:214", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2002-214.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0985", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-08-23T00:00:00", "dateUpdated": "2024-08-08T03:12:16.384Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7CF9839-3A11-4934-B956-B590261FDAFC", "versionEndIncluding": "4.2.2", "versionStartIncluding": "4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "85CCF640-211C-4EC0-9F41-68F5B39CA3F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6ADD463-E918-4F4D-9FA7-D109EBC98BD8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands."}], "id": "CVE-2002-0985", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-09-24T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=103011916928204&w=2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=105760591228031&w=2"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2002/dsa-168"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.osvdb.org/2111"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2002-213.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2002-214.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9966"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=103011916928204&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=105760591228031&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2002/dsa-168"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.osvdb.org/2111"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2002-213.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2002-214.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9966"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-88"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2002:214", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1", "release_date": "2002-11-11T00:00:00Z"}, {"advisory": "RHSA-2002:213", "cpe": "cpe:/o:redhat:linux:7.0", "product_name": "Red Hat Linux 7.0", "release_date": "2002-11-11T00:00:00Z"}, {"advisory": "RHSA-2002:213", "cpe": "cpe:/o:redhat:linux:7.1", "product_name": "Red Hat Linux 7.1", "release_date": "2002-11-11T00:00:00Z"}, {"advisory": "RHSA-2003:159", "cpe": "cpe:/o:redhat:linux:7.1", "product_name": "Red Hat Linux 7.1", "release_date": "2003-06-30T00:00:00Z"}, {"advisory": "RHSA-2002:213", "cpe": "cpe:/o:redhat:linux:7.2", "product_name": "Red Hat Linux 7.2", "release_date": "2002-11-11T00:00:00Z"}, {"advisory": "RHSA-2002:213", "cpe": "cpe:/o:redhat:linux:7.3", "product_name": "Red Hat Linux 7.3", "release_date": "2002-11-11T00:00:00Z"}, {"advisory": "RHSA-2002:214", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Linux Advanced Workstation 2.1", "release_date": "2002-11-11T00:00:00Z"}, {"advisory": "RHSA-2002:243", "cpe": "cpe:/a:redhat:stronghold:3", "product_name": "Red Hat Stronghold 3", "release_date": "2002-11-08T00:00:00Z"}, {"advisory": "RHSA-2002:244", "cpe": "cpe:/a:redhat:stronghold:4", "product_name": "Red Hat Stronghold 4", "release_date": "2002-11-08T00:00:00Z"}, {"advisory": "RHSA-2002:248", "cpe": "cpe:/a:redhat:rhel_stronghold:4", "product_name": "Stronghold 4 for Red Hat Enterprise Linux", "release_date": "2002-11-07T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1616833", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616833"}, "csaw": false, "details": ["Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands."], "name": "CVE-2002-0985", "public_date": "2002-08-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2002-0985\nhttps://nvd.nist.gov/vuln/detail/CVE-2002-0985"], "threat_severity": "Low"}