Описание
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-0958
- https://bugzilla.fedora.us/show_bug.cgi?id=2344
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17393
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863
- http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html
- http://marc.info/?l=bugtraq&m=109527531130492&w=2
- http://secunia.com/advisories/12560
- http://securitytracker.com/id?1011279
- http://www.redhat.com/support/errata/RHSA-2004-687.html
EPSS
CVE ID
Связанные уязвимости
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
php_variables.c in PHP before 5.0.2 allows remote attackers to read se ...
EPSS