Vulnerability Description
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Avaya | Converged Communications Server | 2.0 |
| Redhat | Fedora Core | core_1.0 |
| Trustix | Secure Linux | 1.5 |
| Avaya | Integrated Management | All versions |
| Php | Php | 4.0 |
| Avaya | S8300 | r2.0.0 |
| Avaya | S8500 | r2.0.0 |
| Avaya | S8700 | r2.0.0 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html
- http://marc.info/?l=bugtraq&m=108981780109154&w=2
- http://marc.info/?l=bugtraq&m=108982983426031&w=2
- http://marc.info/?l=bugtraq&m=109051444105182&w=2
- http://marc.info/?l=bugtraq&m=109181600614477&w=2
- http://www.debian.org/security/2004/dsa-531PatchVendor Advisory
- http://www.debian.org/security/2005/dsa-669
- http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068
- http://www.novell.com/linux/security/advisories/2004_21_php4.html
- http://www.redhat.com/support/errata/RHSA-2004-392.html
- http://www.redhat.com/support/errata/RHSA-2004-395.html
- http://www.redhat.com/support/errata/RHSA-2004-405.html
- http://www.redhat.com/support/errata/RHSA-2005-816.html
FAQ
What is CVE-2004-0595?
CVE-2004-0595 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be ...
How severe is CVE-2004-0595?
CVE-2004-0595 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0595?
Check the references section above for vendor advisories and patch information. Affected products include: Avaya Converged Communications Server, Redhat Fedora Core, Trustix Secure Linux, Avaya Integrated Management, Php Php.