Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0958

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0958
Last Modified 21 Aug 2010 12:21:32
Published 03 Nov 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0958

Summary

php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.

Vulnerable Systems

Application

  • Php 5.0.2


References

XF - php-phpinfo-disclose-memory(17393)

REDHAT - RHSA-2004:687

FEDORA - FLSA:2344

SECTRACK - 1011279

SECUNIA - 12560

VULNWATCH - 20040915 [VulnWatch] PHP Vulnerability N. 1

BUGTRAQ - 20040915 PHP Vulnerability N. 1


Last Updated: 27 May 2016 10:38:49