Vulnerability Description
PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Http Server | 1.0 |
| Ibm | Http Server | 1.3.19 |
References
- http://security.gentoo.org/glsa/glsa-200402-01.xml
- http://www.osvdb.org/3878
- http://www.securityfocus.com/bid/9599Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15072
- http://security.gentoo.org/glsa/glsa-200402-01.xml
- http://www.osvdb.org/3878
- http://www.securityfocus.com/bid/9599Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15072
FAQ
What is CVE-2004-0263?
CVE-2004-0263 is a vulnerability with a CVSS score of 5.0 (MEDIUM). PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow r...
How severe is CVE-2004-0263?
CVE-2004-0263 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0263?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Ibm Http Server.