Описание
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
Ссылки
- Broken LinkExploit
- Broken Link
- Broken Link
- Mailing List
- Mailing List
- Mailing List
- Mailing List
- Mailing List
- Broken LinkVendor Advisory
- Broken Link
- Broken LinkVendor Advisory
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Third Party Advisory
- Broken Link
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
Связанные уязвимости
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5. ...
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2