drupal-mimemail

2010-03-28

Page content

Author: Miklos Vajna
Vulnerable: 5.x_1.0-1
Unaffected: 5.x_1.1-1locris1

A vulnerability has been reported in the Mime Mail module for Drupal, while can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an error in the PCRE regular expression engine, which can be exploited to execute arbitrary PHP code. Successful exploitation requires the ability to send HTML email via the Mime Mail module.

Bug Tracker URL: http://bugs.frugalware.org/task/4159

CVEs:

No CVE, see http://drupal.org/node/751934.