Description

php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.

Remediation

References

CVE-2004-0958

Related Vulnerabilities

Oracle Database Server CVE-2007-2109 Vulnerability (CVE-2007-2109)

WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files Multiple Vulnerabilities (1.7.6)

Internet Information Services Other Vulnerability (CVE-2001-0507)

XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29459)

Oracle Database Server CVE-2008-1818 Vulnerability (CVE-2008-1818)

Severity

Medium

Classification

CVE-2004-0958

Tags

Missing Update Known Vulnerabilities