CVE-2004-0958

php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html
http://marc.info/?l=bugtraq&m=109527531130492&w=2
http://secunia.com/advisories/12560/
http://securitytracker.com/id?1011279
http://www.redhat.com/support/errata/RHSA-2004-687.html	Patch Vendor Advisory
https://bugzilla.fedora.us/show_bug.cgi?id=2344
https://exchange.xforce.ibmcloud.com/vulnerabilities/17393
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863

Configurations

Configuration 1 (hide)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-11-03 05:00

Updated : 2024-02-04 16:31

NVD link : CVE-2004-0958

Mitre link : CVE-2004-0958

CVE.ORG link : CVE-2004-0958

JSON object : View

Products Affected

php

php

CWE

NVD-CWE-Other

{"id": "CVE-2004-0958", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-11-03T05:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=109527531130492&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/12560/", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1011279", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-687.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2344", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17393", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length."}, {"lang": "es", "value": "PHP anteriores a 5.0.2 permiten a atacantes remotos leer contenidos de memoria sensibles mediante variables (1) GET, (2) POST, o (3) COOKIE GPC que acaban en un car\u00e1cter de apertura de corchete."}], "lastModified": "2017-10-11T01:29:38.450", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAE1CCE0-7682-40EA-A858-DD09A3E32AF7", "versionEndIncluding": "5.0.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}