Description

Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.

Remediation

References

CVE-2006-0200

Related Vulnerabilities

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0618)

Jenkins Other Vulnerability (CVE-2020-2100)

XOOPS Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4851)

Oracle Database Server CVE-2014-6547 Vulnerability (CVE-2014-6547)

Oracle Database Server CVE-2008-2611 Vulnerability (CVE-2008-2611)

Severity

Critical

Classification

CVE-2006-0200 CWE-134

Tags

Missing Update Known Vulnerabilities