Description

The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a "type confusion" vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php.

Remediation

References

CVE-2014-4721

Related Vulnerabilities

WordPress Plugin YITH WooCommerce Wishlist SQL Injection (2.1.2)

WordPress Plugin Link Library Cross-Site Scripting (5.9.5.5)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-6455)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2165)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7193)

Severity

Low

Classification

CVE-2014-4721 CWE-200

Tags

Missing Update Known Vulnerabilities