Design/Logic Flaw

2009-12-2417:30:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

40.8%

JSON

The shutdown function in the Zend_Log_Writer_Mail class in Zend Framework (ZF) allows context-dependent attackers to send arbitrary e-mail messages to any recipient address via vectors related to “events not yet mailed.”

CPENameOperatorVersion
frameworkeq0.9.0 beta
frameworkeq1.7.3
frameworkeq1.9.0 beta-1
frameworkeq1.9.2
frameworkeq1.7.5
frameworkeq1.0.0
frameworkeq0.1.3 preview
frameworkeq1.5.2
frameworkeq0.9.1 beta
frameworkeq0.8.0 preview

Name	Operator	Version
framework	eq	0.9.0 beta
framework	eq	1.7.3
framework	eq	1.9.0 beta-1
framework	eq	1.9.2
framework	eq	1.7.5
framework	eq	1.0.0
framework	eq	0.1.3 preview
framework	eq	1.5.2
framework	eq	0.9.1 beta
framework	eq	0.8.0 preview