Lucene search
HistoryNov 23, 2004 - 5:00 a.m.
CVE-2004-0263
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
69.7%
PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
Affected configurations
Node
apachehttp_serverMatch1.0
ORapachehttp_serverMatch1.0.2
ORapachehttp_serverMatch1.0.3
ORapachehttp_serverMatch1.0.5
ORapachehttp_serverMatch1.1
ORapachehttp_serverMatch1.1.1
ORapachehttp_serverMatch1.2
ORapachehttp_serverMatch1.2.5
ORapachehttp_serverMatch1.3
ORapachehttp_serverMatch1.3.1
ORapachehttp_serverMatch1.3.3
ORapachehttp_serverMatch1.3.4
ORapachehttp_serverMatch1.3.6
ORapachehttp_serverMatch1.3.7dev
ORapachehttp_serverMatch1.3.9
ORapachehttp_serverMatch1.3.11
ORapachehttp_serverMatch1.3.12
ORapachehttp_serverMatch1.3.14
ORapachehttp_serverMatch1.3.17
ORapachehttp_serverMatch1.3.18
ORapachehttp_serverMatch1.3.19
ORapachehttp_serverMatch1.3.20
ORapachehttp_serverMatch1.3.22
ORapachehttp_serverMatch1.3.23
ORapachehttp_serverMatch1.3.24
ORapachehttp_serverMatch1.3.25
ORapachehttp_serverMatch1.3.26
ORapachehttp_serverMatch1.3.27
ORapachehttp_serverMatch1.3.28
ORapachehttp_serverMatch1.3.29
ORapachehttp_serverMatch2.0
ORapachehttp_serverMatch2.0.9
ORapachehttp_serverMatch2.0.28
ORapachehttp_serverMatch2.0.28beta
ORapachehttp_serverMatch2.0.32
ORapachehttp_serverMatch2.0.35
ORapachehttp_serverMatch2.0.36
ORapachehttp_serverMatch2.0.37
ORapachehttp_serverMatch2.0.38
ORapachehttp_serverMatch2.0.39
ORapachehttp_serverMatch2.0.40
ORapachehttp_serverMatch2.0.41
ORapachehttp_serverMatch2.0.42
ORapachehttp_serverMatch2.0.43
ORapachehttp_serverMatch2.0.44
ORapachehttp_serverMatch2.0.45
ORapachehttp_serverMatch2.0.46
ORapachehttp_serverMatch2.0.47
ORapachehttp_serverMatch2.0.48
ORibmhttp_serverMatch1.3.19
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apache | http_server | 1.0 | cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:* |
| apache | http_server | 1.0.2 | cpe:2.3:a:apache:http_server:1.0.2:*:*:*:*:*:*:* |
| apache | http_server | 1.0.3 | cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:* |
| apache | http_server | 1.0.5 | cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:* |
| apache | http_server | 1.1 | cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:* |
| apache | http_server | 1.1.1 | cpe:2.3:a:apache:http_server:1.1.1:*:*:*:*:*:*:* |
| apache | http_server | 1.2 | cpe:2.3:a:apache:http_server:1.2:*:*:*:*:*:*:* |
| apache | http_server | 1.2.5 | cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:* |
| apache | http_server | 1.3 | cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:* |
| apache | http_server | 1.3.1 | cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2004-0263
2004-11-23 05:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200402-01 (PHP)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200402-01 (PHP)
2008-09-24 00:00:00
cvelist
cvelist
CVE-2004-0263
2004-09-01 04:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
69.7%
Related for NVD:CVE-2004-0263