CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
65.6%
Updated php-phpmailer package fixes security vulnerability: Takeshi Terada discovered that PHPMailer accepted addresses containing line breaks. This is valid in RFC5322, but allowing such addresses resulted in invalid RFC5321 SMTP commands, permitting a kind of message injection attack (CVE-2015-8476).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | php-phpmailer | < 5.2.14-1 | php-phpmailer-5.2.14-1.mga5 |