CVE-2004-0958

{"id": "CVE-2004-0958", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-11-03T05:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=109527531130492&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/12560/", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1011279", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-687.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2344", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17393", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=109527531130492&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/12560/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1011279", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-687.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2344", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17393", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length."}, {"lang": "es", "value": "PHP anteriores a 5.0.2 permiten a atacantes remotos leer contenidos de memoria sensibles mediante variables (1) GET, (2) POST, o (3) COOKIE GPC que acaban en un car\u00e1cter de apertura de corchete."}], "lastModified": "2024-11-20T23:49:46.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAE1CCE0-7682-40EA-A858-DD09A3E32AF7", "versionEndIncluding": "5.0.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}