CVE-2009-4417

CVE-2009-4417 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The shutdown function in the Zend_Log_Writer_Mail class in Zend Framework (ZF) allows context-dependent attackers to send arbitrary e-mail messages to any recipient address via vectors related to "events not yet mailed."

Learn more about our Web Application Penetration Testing UK.