CVE-2016-10034: Command Injection
First published: Fri Dec 30 2016(Updated: )
The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/zendframework/zend-mail | >=2.7<2.7.2 | 2.7.2 |
| composer/zendframework/zend-mail | >=2.6<=2.6.2 | |
| composer/zendframework/zend-mail | >=2.5<=2.5.2 | |
| composer/zendframework/zend-mail | <2.4.11 | 2.4.11 |
| Zend Framework | <=2.4.10 | |
| Zend Mail | <=2.4.10 | |
| Zend Mail | =2.5.0 | |
| Zend Mail | =2.5.1 | |
| Zend Mail | =2.5.2 | |
| Zend Mail | =2.6.0 | |
| Zend Mail | =2.6.1 | |
| Zend Mail | =2.6.2 | |
| Zend Mail | =2.7.0 | |
| Zend Mail | =2.7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/95144
- http://www.securitytracker.com/id/1037539
- https://framework.zend.com/security/advisory/ZF2016-04
- https://legalhackers.com/advisories/ZendFramework-Exploit-ZendMail-Remote-Code-Exec-CVE-2016-10034-Vuln.html
- https://security.gentoo.org/glsa/201804-10
- https://www.exploit-db.com/exploits/40979/
- https://www.exploit-db.com/exploits/40986/
- https://www.exploit-db.com/exploits/42221/
- https://nvd.nist.gov/vuln/detail/CVE-2016-10034
- https://www.exploit-db.com/exploits/40979
- https://www.exploit-db.com/exploits/40986
- https://www.exploit-db.com/exploits/42221
- https://github.com/advisories/GHSA-r9mw-gwx9-v3h5 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2016-10034?
CVE-2016-10034 has been rated as a high severity vulnerability due to the potential for arbitrary code execution.
How do I fix CVE-2016-10034?
To fix CVE-2016-10034, upgrade to zend-mail version 2.7.2 or later, or zend-framework version 2.4.11 or later.
Which versions are affected by CVE-2016-10034?
CVE-2016-10034 affects zend-mail versions prior to 2.7.2, zend-framework versions before 2.4.11, and several specific versions of zend-mail and framework components.
What can attackers do with CVE-2016-10034?
Attackers can exploit CVE-2016-10034 to pass extra parameters to the mail command, which may allow them to execute arbitrary code.
When was CVE-2016-10034 disclosed?
CVE-2016-10034 was disclosed in April 2016.
- agent/type
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-r9mw-gwx9-v3h5
- alias/CVE-2016-10034
- agent/software-canonical-lookup
- agent/weakness
- agent/severity
- agent/references
- agent/description
- agent/author
- agent/softwarecombine
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- package-manager/composer
- vendor/zend
- canonical/zend framework
- version/zend framework/2.4.10
- canonical/zend mail
- version/zend mail/2.4.10
- version/zend mail/2.5.0
- version/zend mail/2.5.1
- version/zend mail/2.5.2
- version/zend mail/2.6.0
- version/zend mail/2.6.1
- version/zend mail/2.6.2
- version/zend mail/2.7.0
- version/zend mail/2.7.1