oval:org.mitre.oval:def:12569
| Definition Id: oval:org.mitre.oval:def:12569 | |||
| Oval ID: | oval:org.mitre.oval:def:12569 | ||
| Title: | NULL byte injection vulnerability in PHP before 5.3.4 | ||
| Description: | PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2006-7243 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12410 | |||
| Oval ID: | oval:org.mitre.oval:def:12410 | ||
| Title: | PHP is installed | ||
| Description: | PHP is installed | ||
| Family: | windows | Class: | inventory |
| Reference(s): | cpe:/a:php:php | Version: | 4 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:12569 | |||
