php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
References
Configurations
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html - | |
References | () http://marc.info/?l=bugtraq&m=109527531130492&w=2 - | |
References | () http://secunia.com/advisories/12560/ - | |
References | () http://securitytracker.com/id?1011279 - | |
References | () http://www.redhat.com/support/errata/RHSA-2004-687.html - Patch, Vendor Advisory | |
References | () https://bugzilla.fedora.us/show_bug.cgi?id=2344 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17393 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863 - |
Information
Published : 2004-11-03 05:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-0958
Mitre link : CVE-2004-0958
CVE.ORG link : CVE-2004-0958
JSON object : View
Products Affected
php
- php
CWE