CVE-2003-0737 — MEDIUM (5.0)

Q: How severe is CVE-2003-0737?

CVE-2003-0737 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2003-0737?

Check the references section above for vendor advisories and patch information. Affected products include: Phpwebsite Phpwebsite.

Vulnerability Description

The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Phpwebsite	Phpwebsite	<= 0.9.0

References

FAQ

What is CVE-2003-0737?

CVE-2003-0737 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of ...

How severe is CVE-2003-0737?

CVE-2003-0737 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2003-0737?

Check the references section above for vendor advisories and patch information. Affected products include: Phpwebsite Phpwebsite.