CVE-2001-1246

EPSS 5.41% · P90 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2001-1246

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

PHP mail函数绕过safe_mode限制执行命令漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

PHP是一种流行的WEB服务器端编程语言，它功能强大，简单易用，在很多Unix操作系统默认都安装了PHP，它也可以在Windows系统下运行。 PHP函数mail的第五个参数存在漏洞，远程攻击者可能利用此漏洞结构CGI脚本中的漏洞绕过PHP的safe_mode的限制执行系统命令。从PHP-4.0.5开始，mail函数引入了第五个参数。去年被发现该参数没有很好过滤shell字符使得可以绕过safe_mode的限制执行系统命令。( http://www.nsfocus.com/index.php?act=

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2001-1246

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2001-1246

请登录查看更多情报信息。

http://www.php.net/do_download.php?download_file=php-4.1.2.tar.gzx_refsource_CONFIRM
http://www.securityfocus.com/bid/2954vdb-entryx_refsource_BID
http://www.redhat.com/support/errata/RHSA-2002-102.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2002-129.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2003-159.htmlvendor-advisoryx_refsource_REDHAT
http://online.securityfocus.com/archive/1/194425mailing-listx_refsource_BUGTRAQ
http://www.iss.net/security_center/static/6787.phpvdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2001-1246

Same Patch Batch · n/a · 2002-06-25 · 190 CVEs total

CVE-2002-0028		ICQ缓冲区溢出漏洞
CVE-2002-0003		Groff预处理器缓冲区溢出漏洞
CVE-2002-0004		AT 畸形时间格式导致堆溢出漏洞
CVE-2002-0007		BugZilla LDAP认证绕过漏洞
CVE-2002-0018		Microsoft Windows网络域间信任关系提升权限漏洞(MS02-001)
CVE-2002-0020		Microsoft Telnet Server协议选项缓冲溢出漏洞(MS02-004)
CVE-2002-0021		Macintosh Microsoft Office v. X Network PID检查器服务拒绝漏洞
CVE-2002-0022		Microsoft Internet Explorer安全漏洞
CVE-2002-0023		Microsoft Internet Explorer安全漏洞
CVE-2002-0025		Microsoft Internet Explorer安全漏洞
CVE-2002-0026		Microsoft Internet Explorer安全漏洞
CVE-2002-0027		Microsoft Internet Explorer安全漏洞
CVE-2002-0046		Linux kernel内存信息泄露漏洞
CVE-2002-0052		Microsoft Internet Explorer 安全漏洞
CVE-2002-0051		Microsoft Windows 2000组策略锁定漏洞(MS02-016)
CVE-2002-0050		Microsoft Commerce Server ISAPI远程缓冲区溢出漏洞(MS02-033)
CVE-2002-0049		Microsoft Exchange Server 安全漏洞
CVE-2002-0047		CIPE VPN数据包服务拒绝漏洞
CVE-2002-0043		Sudo未清环境变量导致以root身份执行命令漏洞
CVE-2002-0038		IRIX nsd突破缓存大小限制造成拒绝服务攻击漏洞

Showing top 20 of 190 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2001-1246

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2001-1246

I. Basic Information for CVE-2001-1246

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2001-1246

III. Intelligence Information for CVE-2001-1246

Same Patch Batch · n/a · 2002-06-25 · 190 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2001-1246

Leave a comment