PHPMailer Remote Shell Command Execution Vulnerability

Bugtraq ID: 24417
Class: Input Validation Error
CVE: CVE-2007-3215
Remote: Yes
Local: No
Published: Jun 11 2007 12:00AM
Updated: Jun 26 2009 06:59PM
Credit: Thor Larholm is credited with discovering this issue.
Vulnerable: WordPress WordPress 2.0.10
WordPress WordPress 2.0.7
WordPress WordPress 2.0.6
WordPress WordPress 2.0.5
WordPress WordPress 2.0.4
WordPress WordPress 2.0.3
WordPress WordPress 2.0.2
WordPress WordPress 2.0.1
WordPress WordPress 2.0
WordPress WordPress 2.1
WordPress WordPress 2.0.10-RC2
WordPress WordPress 2.0.10-RC1
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
rpsblog.com Symphony 1.0.4
PHPMailer PHPMailer 1.7.3
PHPMailer PHPMailer 1.7.2
PHPMailer PHPMailer 1.7.1
PHPMailer PHPMailer 1.7
PHPMailer PHPMailer 1.73
+ GLPI GLPI 0.68.3
+ GLPI GLPI 0.68.2
+ GLPI GLPI 0.68.2
MamboXChange LaiThai 4.5.5
Mahara Mahara 1.0.5
Mahara Mahara 1.0.4
Mahara Mahara 1.0.3
Mahara Mahara 1.0.2
Mahara Mahara 1.0.1
Mahara Mahara 1.0
Knowledgeroot Knowledgebase 0.9.8.2
IPplan IP address management system 4.85
Debian Linux 4.0
Not Vulnerable: MamboXChange LaiThai 4.5.6
Mahara Mahara 1.0.6


 

Privacy Statement
Copyright 2010, SecurityFocus