PHP 4.3.4 and previous versions in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote malicious users to obtain sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server 1.0 |
||
apache http server 1.0.2 |
||
apache http server 1.0.3 |
||
apache http server 1.0.5 |
||
apache http server 1.1 |
||
apache http server 1.1.1 |
||
apache http server 1.2 |
||
apache http server 1.2.5 |
||
apache http server 1.3 |
||
apache http server 1.3.1 |
||
apache http server 1.3.3 |
||
apache http server 1.3.4 |
||
apache http server 1.3.6 |
||
apache http server 1.3.7 |
||
apache http server 1.3.9 |
||
apache http server 1.3.11 |
||
apache http server 1.3.12 |
||
apache http server 1.3.14 |
||
apache http server 1.3.17 |
||
apache http server 1.3.18 |
||
apache http server 1.3.19 |
||
apache http server 1.3.20 |
||
apache http server 1.3.22 |
||
apache http server 1.3.23 |
||
apache http server 1.3.24 |
||
apache http server 1.3.25 |
||
apache http server 1.3.26 |
||
apache http server 1.3.27 |
||
apache http server 1.3.28 |
||
apache http server 1.3.29 |
||
apache http server 2.0 |
||
apache http server 2.0.9 |
||
apache http server 2.0.28 |
||
apache http server 2.0.32 |
||
apache http server 2.0.35 |
||
apache http server 2.0.36 |
||
apache http server 2.0.37 |
||
apache http server 2.0.38 |
||
apache http server 2.0.39 |
||
apache http server 2.0.40 |
||
apache http server 2.0.41 |
||
apache http server 2.0.42 |
||
apache http server 2.0.43 |
||
apache http server 2.0.44 |
||
apache http server 2.0.45 |
||
apache http server 2.0.46 |
||
apache http server 2.0.47 |
||
apache http server 2.0.48 |
||
ibm http server 1.3.19 |