Showing 1 - 3 of 3

CVE-2016-10074

Status Candidate

Overview

The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a "" (backslash double quote) in a crafted e-mail address in the (1) From, (2) ReturnPath, or (3) Sender header.

Related Files

Debian Security Advisory 3769-1: Posted Jan 23, 2017; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3769-1 - Dawid Golunski from LegalHackers discovered that PHP Swift Mailer, a mailing solution for PHP, did not correctly validate user input. This allowed a remote attacker to execute arbitrary code by passing specially formatted email addresses in specific email headers.; tags | advisory, remote, arbitrary, php; systems | linux, debian; advisories | CVE-2016-10074; MD5 | 35e5943384aadc42f6da685cc43be28c; Download | Favorite | View

PHPMailer / Zend-mail / SwiftMailer Remote Code Execution: Posted Jan 3, 2017; Authored by Dawid Golunski; This proof of concept exploit aims to execute a reverse shell on the target in the context of the web server user via a vulnerable PHP email library.; tags | exploit, web, shell, php, proof of concept; advisories | CVE-2016-10033, CVE-2016-10034, CVE-2016-10045, CVE-2016-10074; MD5 | a0be91defae2564f4405c81fdeab38cd; Download | Favorite | View

SwiftMailer Remote Code Execution: Posted Dec 29, 2016; Authored by Dawid Golunski; SwiftMailer versions prior to 5.4.5-DEV suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; advisories | CVE-2016-10074; MD5 | 867421c2ab76adf20394234a4a466e45; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 100 files
malvuln 54 files
Ubuntu 46 files
Google Security Research 13 files
Erik David Martin 9 files
Soham Bakore 5 files
Jeenali Kothari 5 files
Tushar Vaidya 5 files
Tim Willis 4 files
Ismael Nava 4 files

File Archives

Systems

AIX (421)
Apple (1,774)
BSD (368)
Cisco (1,902)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,040)
HPUX (873)
iOS (284)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (39,503)
Mac OS X (673)
Mandriva (3,105)
NetBSD (255)
OpenBSD (473)
RedHat (9,726)
Slackware (941)
Solaris (1,598)
SUSE (1,444)
Ubuntu (7,142)
UNIX (8,852)
UnixWare (180)
Windows (5,822)
Other

CVE-2016-10074

Overview

Related Files

File Archive:

March 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems