Vulnerability Name: CVE-2007-3215 (CCN-34818)

Assigned: 2007-06-11

Published: 2007-06-11

Updated: 2018-10-16

Summary: PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php. Successful exploitation requires that the PHP script using PHPMailer is configured to send e-mails with the Sendmail method, and that the script does not sanitise data before storing it in the Sender property.

CVSS v3 Severity:
- 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVSS v2 Severity:
- 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
- 5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
- 3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Vulnerability Type: CWE-Other

Vulnerability Consequences: Gain Access

References:
- Source: CCN Type: BugTraq Mailing List, Mon Jun 11 2007 - 12:46:16 CDT PHPMailer command execution
- Source: MITRE Type: CNA CVE-2007-3215
- Source: MISC Type: UNKNOWN http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/
- Source: CCN Type: DSA 1315-1 New libphp-phpmailer packages fix arbitrary shell command execution
- Source: OSVDB Type: UNKNOWN 37206
- Source: OSVDB Type: UNKNOWN 76139
- Source: CCN Type: PHPMailer Web site PHPMailer - full featured email transfer class for PHP
- Source: FULLDISC Type: UNKNOWN 20111005 vTiger CRM 5.2.x <= Remote Code Execution Vulnerability
- Source: CCN Type: SA25626 PHPMailer "Sender" Arbitrary Command Execution
- Source: SECUNIA Type: Vendor Advisory 25626
- Source: SECUNIA Type: UNKNOWN 25755
- Source: CCN Type: SA25758 Knowledgeroot Knowledgebase PHPMailer "Sender" Command Execution
- Source: SECUNIA Type: UNKNOWN 25758
- Source: CCN Type: SA28652 Mambo LaiThai Multiple Vulnerabilities
- Source: SREASON Type: UNKNOWN 2802
- Source: CCN Type: Mambo Web site Mambo 4.6.3 Released!
- Source: CCN Type: SourceForge.net: Files MamboLaiThai - File Release Notes and Changelog - Mambo LaiThai Global 4.5.6
- Source: CCN Type: SourceForge.net: Files Knowledgeroot Knowledgeroot - File Release Notes and Changelog - Release Name: 0.9.8.3
- Source: CONFIRM Type: UNKNOWN http://sourceforge.net/project/shownotes.php?release_id=517428&group_id=157374
- Source: DEBIAN Type: UNKNOWN DSA-1315
- Source: DEBIAN Type: DSA-1315 libphp-phpmailer -- missing input validation
- Source: CCN Type: OSVDB ID: 37206 PHPMailer class.phpmailer.php SendmailSend Function Arbitrary Command Execution
- Source: CCN Type: OSVDB ID: 42515 Mambo Administrator Backend Unspecified XSS
- Source: CCN Type: OSVDB ID: 42516 Mambo Template Chooser Functionality Unspecified Issue
- Source: CCN Type: OSVDB ID: 76139 vtiger CRM cron/class.phpmailer.php phpmailer File Remote Command Execution
- Source: BUGTRAQ Type: UNKNOWN 20070611 PHPMailer command execution
- Source: BID Type: UNKNOWN 24417
- Source: CCN Type: BID-24417 PHPMailer Remote Shell Command Execution Vulnerability
- Source: CCN Type: USN-791-1 Moodle vulnerabilities
- Source: VUPEN Type: UNKNOWN ADV-2007-2161
- Source: VUPEN Type: UNKNOWN ADV-2007-2267
- Source: MISC Type: UNKNOWN http://yehg.net/lab/pr0js/advisories/%5BvTiger_5.2.1%5D_rce
- Source: XF Type: UNKNOWN phpmailer-sendmailsend-command-execution(34818)
- Source: XF Type: UNKNOWN phpmailer-popen-command-execution(34818)
- Source: MISC Type: UNKNOWN https://sourceforge.net/tracker/index.php?func=detail&aid=1734811&group_id=26031&atid=385707