Red Hat Bugzilla – Bug 174464
CVE-2005-3883 PHP mb_send_mail() header parsing issue
Last modified: 2008-02-23 01:03:58 EST
PHP mb_send_mail() header parsing issue
The mb_send_mail() function does not properly verify the "To" header
when sending mail. This could allow an attacker to inject arbitrary
headers into an outgoing mail message which could be used to relay
This issue also affects FC3
This report targets the FC3 or FC4 products, which have now been EOL'd.
Could you please check that it still applies to a current Fedora release, and
either update the target product or close it ?
Fedora Core 4 is no longer maintained.
Setting status to "INSUFFICIENT_DATA". If you can reproduce this bug in the
current Fedora release, please reopen this bug and assign it to the
corresponding Fedora version.