Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2004-0958

Published: 03/11/2004 Updated: 11/10/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Php

Vulnerability Summary

php_variables.c in PHP prior to 5.0.2 allows remote malicious users to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.

Vulnerable Product Search on Vulmon Subscribe to Product

php php

Vendor Advisories

Red Hat: php security update
Synopsis php security update Type/Severity Security Advisory: Important Topic Updated php packages that fix various security issues and bugs are nowavailable for Red Hat Enterprise Linux 3 Description PHP is an HTML-embedded scripting language commonly used with the ApacheHTTP Web serverF ...

Exploits

Exploit DB: PHP 4.x/5.0.1 - PHP_Variables Remote Memory Disclosure
source: wwwsecurityfocuscom/bid/11334/info A vulnerability is reported to present itself in the array parsing functions of the 'php_variablesc' PHP source file The vulnerability occurs when a PHP script is being used to print URI parameters or data, that are supplied by a third party, into a dynamically generated web page It is repor ...

References

NVD-CWE-Otherhttp://www.redhat.com/support/errata/RHSA-2004-687.htmlhttp://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.htmlhttps://bugzilla.fedora.us/show_bug.cgi?id=2344http://secunia.com/advisories/12560/http://securitytracker.com/id?1011279http://marc.info/?l=bugtraq&m=109527531130492&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/17393https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863https://access.redhat.com/errata/RHSA-2004:687https://nvd.nist.govhttps://www.exploit-db.com/exploits/24656/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook