Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-0958 | First vendor Publication | 2004-11-03 |
Vendor | Cve | Last vendor Modification | 2017-10-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0958 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10863 | |||
Oval ID: | oval:org.mitre.oval:def:10863 | ||
Title: | php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length. | ||
Description: | php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0958 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-04 | Name : php -- php_variables memory disclosure File : nvt/freebsd_mod_php4-twig1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
12601 | PHP php_variables.c Multiple Variable Open Bracket Memory Disclosure |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2004-12-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-567.nasl - Type : ACT_GATHER_INFO |
2004-12-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-687.nasl - Type : ACT_GATHER_INFO |
2004-10-08 | Name : The remote server is affected by an information disclosure vulnerability. File : php_mem_disclosure.nasl - Type : ACT_GATHER_INFO |
2004-09-17 | Name : Arbitrary files may be uploaded on the remote host. File : php_arbitrary_file_upload.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:02:38 |
|
2024-02-01 12:01:33 |
|
2023-09-05 12:02:30 |
|
2023-09-05 01:01:25 |
|
2023-09-02 12:02:32 |
|
2023-09-02 01:01:25 |
|
2023-08-12 12:03:03 |
|
2023-08-12 01:01:25 |
|
2023-08-11 12:02:38 |
|
2023-08-11 01:01:27 |
|
2023-08-06 12:02:26 |
|
2023-08-06 01:01:26 |
|
2023-08-04 12:02:30 |
|
2023-08-04 01:01:27 |
|
2023-07-14 12:02:28 |
|
2023-07-14 01:01:27 |
|
2023-03-29 01:02:30 |
|
2023-03-28 12:01:32 |
|
2022-10-11 12:02:12 |
|
2022-10-11 01:01:19 |
|
2021-05-04 12:02:26 |
|
2021-04-22 01:02:35 |
|
2020-05-23 01:36:09 |
|
2020-05-23 00:15:55 |
|
2019-06-08 12:01:19 |
|
2018-10-03 12:02:18 |
|
2017-10-11 09:23:24 |
|
2017-07-11 12:01:32 |
|
2016-10-18 12:01:23 |
|
2016-10-13 01:00:44 |
|
2016-06-28 15:06:22 |
|
2016-04-26 12:54:31 |
|
2014-02-17 10:28:11 |
|
2013-05-11 11:43:31 |
|