Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2007-1718

CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a "\r\n\t\n" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro.

  • Published: Mar 28, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-1718
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.8
  • AV:N/AC:L/Au:N/C:N/I:C/A:N

No CWE or OWASP classifications available.

Software From Fixed in
php / php 4.3.9 4.3.9.x
php / php 4.0-beta1 4.0-beta1.x
php / php 5.1.5 5.1.5.x
php / php 5.1.2 5.1.2.x
php / php 4.0-beta4 4.0-beta4.x
php / php 4.2.0 4.2.0.x
php / php 5.1.1 5.1.1.x
php / php 4.4.4 4.4.4.x
php / php 5.0.0-beta1 5.0.0-beta1.x
php / php 4.1.0 4.1.0.x
php / php 5.1.6 5.1.6.x
php / php 4.3.4 4.3.4.x
php / php 4.0.4 4.0.4.x
php / php 4.3.0 4.3.0.x
php / php 4.0.5 4.0.5.x
php / php 5.0-rc1 5.0-rc1.x
php / php 5.0.5 5.0.5.x
php / php 4.3.6 4.3.6.x
php / php 5.0.1 5.0.1.x
php / php 5.1.4 5.1.4.x
php / php 4.0.7-rc2 4.0.7-rc2.x
php / php 4.3.7 4.3.7.x
php / php 5.0.4 5.0.4.x
php / php 4.0.7-rc1 4.0.7-rc1.x
php / php 4.2.2 4.2.2.x
php / php 4.4.2 4.4.2.x
php / php 4.0-rc1 4.0-rc1.x
php / php 4.3.2 4.3.2.x
php / php 4.3.11 4.3.11.x
php / php 4.0.0 4.0.0.x
php / php 4.0.3-patch1 4.0.3-patch1.x
php / php 4.0.7 4.0.7.x
php / php 4.0.2 4.0.2.x
php / php 4.3.3 4.3.3.x
php / php 5.0-rc3 5.0-rc3.x
php / php 4.1.1 4.1.1.x
php / php 4.4.3 4.4.3.x
php / php 5.0.0-rc2 5.0.0-rc2.x
php / php 5.0.3 5.0.3.x
php / php 4.2.3 4.2.3.x
php / php 5.1.0 5.1.0.x
php / php 4.4.5 4.4.5.x
php / php 4.0.1-patch1 4.0.1-patch1.x
php / php 5.0.0-rc3 5.0.0-rc3.x
php / php 4.0 4.0.x
php / php 4.0-beta2 4.0-beta2.x
php / php 4.0.1-patch2 4.0.1-patch2.x
php / php 4.0.6 4.0.6.x
php / php 5.2.0 5.2.0.x
php / php 5.0-rc2 5.0-rc2.x
php / php 4.1.2 4.1.2.x
php / php 5.0.0-beta3 5.0.0-beta3.x
php / php 4.0.7-rc3 4.0.7-rc3.x
php / php 4.0-rc2 4.0-rc2.x
php / php 4.3.1 4.3.1.x
php / php 5.1.3 5.1.3.x
php / php 4.0-beta_4_patch1 4.0-beta_4_patch1.x
php / php 4.4.0 4.4.0.x
php / php 4.3.10 4.3.10.x
php / php 4.2.1 4.2.1.x
php / php 5.0.0-rc1 5.0.0-rc1.x
php / php 4.0.4-patch1 4.0.4-patch1.x
php / php 4.0.1 4.0.1.x
php / php 5.0.2 5.0.2.x
php / php 4.4.6 4.4.6.x
php / php 4.2 4.2.x
php / php 4.4.1 4.4.1.x
php / php 4.0-beta3 4.0-beta3.x
php / php 5.2.1 5.2.1.x
php / php 4.0.3 4.0.3.x
php / php 5.0.0-beta4 5.0.0-beta4.x
php / php 5.0.0 5.0.0.x
php / php 4.3.8 4.3.8.x
php / php 4.3.5 4.3.5.x
php / php 5.0.0-beta2 5.0.0-beta2.x