CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS
Percentile
93.3%
Stack-based buffer overflow in the suhosin_encrypt_single_cookie function
in the transparent cookie-encryption feature in the Suhosin extension
before 0.9.33 for PHP, when suhosin.cookie.encrypt and suhosin.multiheader
are enabled, might allow remote attackers to execute arbitrary code via a
long string that is used in a Set-Cookie HTTP header.