The init_request_info function in sapi/cgi/cgi_main.c in PHP prior to 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote malicious users to execute arbitrary code via a crafted URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |
||
fedoraproject fedora 9 |
||
fedoraproject fedora 8 |
||
canonical ubuntu linux 7.04 |
||
canonical ubuntu linux 7.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |
||
apple mac os x server |
||
apple mac os x |