Description

php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.

Remediation

References

CVE-2004-0958

Related Vulnerabilities

WordPress Plugin Essential Addons for Elementor Security Bypass (5.7.1)

WordPress Plugin Access Demo Importer Arbitrary File Upload (1.0.6)

WordPress Plugin Watu Quiz Cross-Site Scripting (3.1.2.4)

Oracle HTTP Server CVE-2006-0435 Vulnerability (CVE-2006-0435)

WordPress Plugin Duplicate Page and Post Spam Injection (2.1.1)

Severity

Medium

Classification

CVE-2004-0958

Tags

Missing Update Known Vulnerabilities