CVE-2004-0958 Information
Share on:
Feb 14, 2021
cve
Description
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET (2) POST or (3) COOKIE GPC variables that end in an open bracket character which causes PHP to calculate an incorrect string length.
Reference
http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html http://marc.info/?l=bugtraq&m=109527531130492&w=2 http://secunia.com/advisories/12560/ http://securitytracker.com/id?1011279 http://www.redhat.com/support/errata/RHSA-2004-687.html https://bugzilla.fedora.us/show_bug.cgi?id=2344 https://exchange.xforce.ibmcloud.com/vulnerabilities/17393 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10863