ByteOS Network

Vulnerability Details :

CVE-2002-0985

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-01 Sep, 2004 | 04:00

Updated At-08 Aug, 2024 | 03:12

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:01 Sep, 2004 | 04:00

Updated At:08 Aug, 2024 | 03:12

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://marc.info/?l=bugtraq&m=105760591228031&w=2	mailing-list x_refsource_BUGTRAQ
http://www.debian.org/security/2002/dsa-168	vendor-advisory x_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilities/9966	vdb-entry x_refsource_XF
http://marc.info/?l=bugtraq&m=103011916928204&w=2	mailing-list x_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2002-243.html	vendor-advisory x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2003-159.html	vendor-advisory x_refsource_REDHAT
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082	vendor-advisory x_refsource_MANDRAKE
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt	vendor-advisory x_refsource_CALDERA
http://www.novell.com/linux/security/advisories/2002_036_modphp4.html	vendor-advisory x_refsource_SUSE
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545	vendor-advisory x_refsource_CONECTIVA
http://www.redhat.com/support/errata/RHSA-2002-213.html	vendor-advisory x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2002-248.html	vendor-advisory x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2002-244.html	vendor-advisory x_refsource_REDHAT
http://www.osvdb.org/2111	vdb-entry x_refsource_OSVDB
http://www.redhat.com/support/errata/RHSA-2002-214.html	vendor-advisory x_refsource_REDHAT

Hyperlink: http://marc.info/?l=bugtraq&m=105760591228031&w=2

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://www.debian.org/security/2002/dsa-168

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/9966

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://marc.info/?l=bugtraq&m=103011916928204&w=2

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-243.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-159.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082

Resource:

vendor-advisory

x_refsource_MANDRAKE

Hyperlink: ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt

Resource:

vendor-advisory

x_refsource_CALDERA

Hyperlink: http://www.novell.com/linux/security/advisories/2002_036_modphp4.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545

Resource:

vendor-advisory

x_refsource_CONECTIVA

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-213.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-248.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-244.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.osvdb.org/2111

Resource:

vdb-entry

x_refsource_OSVDB

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-214.html

Resource:

vendor-advisory

x_refsource_REDHAT

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://marc.info/?l=bugtraq&m=105760591228031&w=2	mailing-list x_refsource_BUGTRAQ x_transferred
http://www.debian.org/security/2002/dsa-168	vendor-advisory x_refsource_DEBIAN x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/9966	vdb-entry x_refsource_XF x_transferred
http://marc.info/?l=bugtraq&m=103011916928204&w=2	mailing-list x_refsource_BUGTRAQ x_transferred
http://www.redhat.com/support/errata/RHSA-2002-243.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.redhat.com/support/errata/RHSA-2003-159.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082	vendor-advisory x_refsource_MANDRAKE x_transferred
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt	vendor-advisory x_refsource_CALDERA x_transferred
http://www.novell.com/linux/security/advisories/2002_036_modphp4.html	vendor-advisory x_refsource_SUSE x_transferred
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545	vendor-advisory x_refsource_CONECTIVA x_transferred
http://www.redhat.com/support/errata/RHSA-2002-213.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.redhat.com/support/errata/RHSA-2002-248.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.redhat.com/support/errata/RHSA-2002-244.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.osvdb.org/2111	vdb-entry x_refsource_OSVDB x_transferred
http://www.redhat.com/support/errata/RHSA-2002-214.html	vendor-advisory x_refsource_REDHAT x_transferred

Hyperlink: http://marc.info/?l=bugtraq&m=105760591228031&w=2

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://www.debian.org/security/2002/dsa-168

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/9966

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://marc.info/?l=bugtraq&m=103011916928204&w=2

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-243.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-159.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082

Resource:

vendor-advisory

x_refsource_MANDRAKE

x_transferred

Hyperlink: ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt

Resource:

vendor-advisory

x_refsource_CALDERA

x_transferred

Hyperlink: http://www.novell.com/linux/security/advisories/2002_036_modphp4.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545

Resource:

vendor-advisory

x_refsource_CONECTIVA

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-213.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-248.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-244.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.osvdb.org/2111

Resource:

vdb-entry

x_refsource_OSVDB

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2002-214.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:24 Sep, 2002 | 04:00

Updated At:03 Apr, 2025 | 01:03

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

The PHP Group

>>php>>Versions from 4.0(inclusive) to 4.2.2(inclusive)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

openpkg>>openpkg>>1.1

cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*

openpkg>>openpkg>>1.2

cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-88	Primary	nvd@nist.gov

CWE ID: CWE-88

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt	cve@mitre.org	Broken Link
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545	cve@mitre.org	Broken Link
http://marc.info/?l=bugtraq&m=103011916928204&w=2	cve@mitre.org	Third Party Advisory
http://marc.info/?l=bugtraq&m=105760591228031&w=2	cve@mitre.org	Third Party Advisory
http://www.debian.org/security/2002/dsa-168	cve@mitre.org	Broken Link Patch Vendor Advisory
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082	cve@mitre.org	Broken Link
http://www.novell.com/linux/security/advisories/2002_036_modphp4.html	cve@mitre.org	Broken Link
http://www.osvdb.org/2111	cve@mitre.org	Broken Link
http://www.redhat.com/support/errata/RHSA-2002-213.html	cve@mitre.org	Broken Link Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2002-214.html	cve@mitre.org	Broken Link
http://www.redhat.com/support/errata/RHSA-2002-243.html	cve@mitre.org	Broken Link
http://www.redhat.com/support/errata/RHSA-2002-244.html	cve@mitre.org	Broken Link
http://www.redhat.com/support/errata/RHSA-2002-248.html	cve@mitre.org	Broken Link
http://www.redhat.com/support/errata/RHSA-2003-159.html	cve@mitre.org	Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/9966	cve@mitre.org	Third Party Advisory VDB Entry
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://marc.info/?l=bugtraq&m=103011916928204&w=2	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://marc.info/?l=bugtraq&m=105760591228031&w=2	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.debian.org/security/2002/dsa-168	af854a3a-2127-422b-91ae-364da2661108	Broken Link Patch Vendor Advisory
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://www.novell.com/linux/security/advisories/2002_036_modphp4.html	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://www.osvdb.org/2111	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://www.redhat.com/support/errata/RHSA-2002-213.html	af854a3a-2127-422b-91ae-364da2661108	Broken Link Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2002-214.html	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://www.redhat.com/support/errata/RHSA-2002-243.html	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://www.redhat.com/support/errata/RHSA-2002-244.html	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://www.redhat.com/support/errata/RHSA-2002-248.html	af854a3a-2127-422b-91ae-364da2661108	Broken Link
http://www.redhat.com/support/errata/RHSA-2003-159.html	af854a3a-2127-422b-91ae-364da2661108	Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/9966	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry