[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249982

 
 

909

 
 

195748

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-0599Date: (C)2008-05-05   (M)2024-02-22


The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 9.8CVSS Score : 10.0
Exploit Score: 3.9Exploit Score: 10.0
Impact Score: 5.9Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: UNCHANGEDIntegrity: COMPLETE
Confidentiality: HIGHAvailability: COMPLETE
Integrity: HIGH 
Availability: HIGH 
  
Reference:
SECTRACK-1019958
http://www.securityfocus.com/archive/1/492535/100/0/threaded
BID-29009
SECUNIA-30048
SECUNIA-30083
SECUNIA-30345
SECUNIA-30616
SECUNIA-30757
SECUNIA-30828
SECUNIA-31200
SECUNIA-31326
SECUNIA-32746
SECUNIA-35650
ADV-2008-1412
ADV-2008-1810
ADV-2008-2268
APPLE-SA-2008-07-31
FEDORA-2008-3606
FEDORA-2008-3864
GLSA-200811-05
HPSBUX02342
HPSBUX02465
MDVSA-2008:127
MDVSA-2008:128
RHSA-2008:0505
SSA:2008-128-01
SSRT090085
USN-628-1
VU#147027
http://www.openwall.com/lists/oss-security/2008/05/02/2
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.50.2.12&r2=1.267.2.15.2.50.2.13&diff_format=u
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
http://www.php.net/ChangeLog-5.php
https://issues.rpath.com/browse/RPL-2503
oval:org.mitre.oval:def:5510
php-vector-unspecified(42137)

CWE    1
CWE-131
OVAL    2
oval:org.secpod.oval:def:301530
oval:org.secpod.oval:def:301251

© SecPod Technologies