{"id":"CVE-2016-10074","details":"The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \\\" (backslash double quote) in a crafted e-mail address in the (1) From, (2) ReturnPath, or (3) Sender header.","aliases":["GHSA-pr44-4jfr-286m"],"modified":"2026-04-10T03:47:12.820168Z","published":"2016-12-30T19:59:00.310Z","references":[{"type":"WEB","url":"https://www.exploit-db.com/exploits/40986/"},{"type":"WEB","url":"https://www.exploit-db.com/exploits/42221/"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3769"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/95140"},{"type":"FIX","url":"https://github.com/swiftmailer/swiftmailer/blob/5.x/CHANGES"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/140290/SwiftMailer-Remote-Code-Execution.html"},{"type":"EVIDENCE","url":"https://legalhackers.com/advisories/SwiftMailer-Exploit-Remote-Code-Exec-CVE-2016-10074-Vuln.html"},{"type":"EVIDENCE","url":"http://seclists.org/fulldisclosure/2016/Dec/86"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/40972/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/swiftmailer/swiftmailer","events":[{"introduced":"0"},{"last_affected":"545ce9136690cea74f98f86fbb9c92dd9ab1a756"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.4.4"}]}}],"versions":["4.0.0","4.0.0-b1","4.0.0-b2","4.0.0-b3","4.0.0-b4","4.0.0-b5","4.0.0-rc1","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.6","4.0.7","4.0.7a1","v4.1.0","v4.1.1","v4.1.2","v4.1.3","v4.1.4","v4.1.5","v4.1.6","v4.1.7","v4.1.8","v4.2.0","v4.2.1","v4.2.2","v4.3.0","v4.3.1","v5.0.0","v5.0.1","v5.0.2","v5.0.3","v5.1.0","v5.2.0","v5.2.1","v5.2.2","v5.3.0","v5.3.1","v5.4.0","v5.4.1","v5.4.2","v5.4.3","v5.4.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10074.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}