ID de Prueba:	1.3.6.1.4.1.25623.1.0.703750
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 3750-1 (libphp-phpmailer - security update)
Resumen:	Dawid Golunski discovered that PHPMailer,;a popular library to send email from PHP applications, allowed a remote attacker to;execute code if they were able to provide a crafted Sender address.;;Note that for this issue also CVE-2016-10045 was assigned, which is a regression in;the original patch proposed for CVE-2016-10033. Because the original patch was not;applied in Debian, Debian was not vulnerable to CVE-2016-10045.
Descripción:	Summary: Dawid Golunski discovered that PHPMailer, a popular library to send email from PHP applications, allowed a remote attacker to execute code if they were able to provide a crafted Sender address. Note that for this issue also CVE-2016-10045 was assigned, which is a regression in the original patch proposed for CVE-2016-10033. Because the original patch was not applied in Debian, Debian was not vulnerable to CVE-2016-10045. Affected Software/OS: libphp-phpmailer on Debian Linux Solution: For the stable distribution (jessie), this problem has been fixed in version 5.2.9+dfsg-2+deb8u2. For the unstable distribution (sid), this problem has been fixed in version 5.2.14+dfsg-2.1. We recommend that you upgrade your libphp-phpmailer packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-10033 Common Vulnerability Exposure (CVE) ID: CVE-2016-10045
Copyright	Copyright (C) 2017 Greenbone Networks GmbH http://greenbone.net

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.