Note:
This project will be discontinued after December 13, 2021. [more]
2018-12-07
ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
Products | Debian_linux, Php |
Type | NULL Pointer Dereference (CWE-476) |
First patch | - None (likely due to unavailable code) |
Links |
• https://lists.debian.org/debian-lts-announce/2018/12/msg00006.html
• https://security.netapp.com/advisory/ntap-20181221-0003/ • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html • http://www.securityfocus.com/bid/106143 |