6.8
CVSSv2

CVE-2004-0595

Published: 27/07/2004 Updated: 30/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.

Vendor Advisories

Synopsis php security update Type/Severity Security Advisory: Important Topic Updated php packages that fix various security issues are now available Description PHP is an HTML-embedded scripting language commonly used with the ApacheHTTP serverStefan Esser discovered a flaw when memory_l ...
Synopsis php security update Type/Severity Security Advisory: Important Topic Updated php packages that fix various security issues are now available Description PHP is an HTML-embedded scripting language commonly used with the ApacheHTTP serverStefan Esser discovered a flaw when memory_l ...
Two vulnerabilities have been discovered in php4 which also apply to the version of php3 in the stable Debian distribution The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2004-0594 The memory_limit functionality allows remote attackers to execute arbitrary code under certain circumstances CAN-2004- ...
Two vulnerabilities were discovered in php4: CAN-2004-0594 The memory_limit functionality in PHP 4x up to 437, and 5x up to 500RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init funct ...

Exploits

source: wwwsecurityfocuscom/bid/10724/info It is reported that it is possible to bypass PHPs strip_tags() function It is reported that under certain circumstances, PHPs strip_tags() function will improperly leave malformed tags in place This vulnerability may mean that previously presumed-safe web applications could contain multiple c ...