CVE-2008-0599 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2008-0599

CVE-2008-0599

May 05, 2008

The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.

Related Resources (37)

http://secunia.com/advisories/30345

http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951

http://www.redhat.com/support/errata/RHSA-2008-0505.html

http://www.vupen.com/english/advisories/2008/1810/references

http://secunia.com/advisories/30757

http://www.securitytracker.com/id?1019958

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01476437

http://www.mandriva.com/security/advisories?name=MDVSA-2008:128

http://secunia.com/advisories/35650

http://marc.info/?l=bugtraq&m=125631037611762&w=2

http://marc.info/?l=bugtraq&m=124654546101607&w=2

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176

http://www.mandriva.com/security/advisories?name=MDVSA-2008:127

http://secunia.com/advisories/30616

http://www.kb.cert.org/vuls/id/147027

http://www.openwall.com/lists/oss-security/2008/05/02/2

http://www.vupen.com/english/advisories/2008/2268

http://www.ubuntu.com/usn/usn-628-1

https://exchange.xforce.ibmcloud.com/vulnerabilities/42137

https://people.canonical.com/~ubuntu-security/cve/CVE-2008-0599

http://secunia.com/advisories/30048

http://www.securityfocus.com/bid/29009

http://security.gentoo.org/glsa/glsa-200811-05.xml

http://secunia.com/advisories/31200

http://secunia.com/advisories/30083

http://secunia.com/advisories/31326

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5510

http://www.securityfocus.com/archive/1/492535/100/0/threaded

http://www.vupen.com/english/advisories/2008/1412

http://secunia.com/advisories/32746

https://issues.rpath.com/browse/RPL-2503

http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.50.2.12&r2=1.267.2.15.2.50.2.13&diff_format=u

http://www.php.net/ChangeLog-5.php

http://secunia.com/advisories/30828

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html

Do you need more information?

CVSS v4

Base Score:

9.3

Attack Vector

NETWORK

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

HIGH

Vulnerable System Integrity

HIGH

Vulnerable System Availability

HIGH

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

CVSS v2

Base Score:

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

Weakness Type (CWE)

Incorrect Calculation of Buffer Size

CWE-131

EPSS

Base Score:

49.74

Products

Solutions

Resources

Company

Compare

Developer Tools