cve/2002/CVE-2002-0986.md

### [CVE-2002-0986](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0986)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."

### POC

#### Reference
- http://www.redhat.com/support/errata/RHSA-2002-213.html

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2002-0986](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0986)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."`

			`### POC`

			`#### Reference`
			`- http://www.redhat.com/support/errata/RHSA-2002-213.html`

			`#### Github`
			`No PoCs found on GitHub currently.`