Package(s):	php	CVE #(s):	CVE-2005-3883
Created:	December 27, 2005	Updated:	January 4, 2006
Description:	A CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument, when using sendmail as the MTA (mail transfer agent).
Alerts:	Mandriva MDKSA-2005:238 php 2005-12-27

---

to post comments