CVE-2002-2215
PHP < 4.3.0 - Denial of Service via IMAP Header with Excessive To Addresses
Title source: llmDescription
The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function.
References (2)
Core 2
Core References
Exploit, Patch x_refsource_confirm
http://bugs.php.net/bug.php?id=19280
Exploit, Patch x_refsource_confirm
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175040
Scores
EPSS
0.0043
EPSS Percentile
62.4%
Details
Status
published
Products (35)
php/php
3.0
php/php
3.0.1
php/php
3.0.2
php/php
3.0.3
php/php
3.0.4
php/php
3.0.5
php/php
3.0.6
php/php
3.0.7
php/php
3.0.8
php/php
3.0.9
... and 25 more
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026