CVE-2004-0263

3 documents3 sources

Severity

5.0MEDIUM

EPSS

1.1%

top 22.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Http Server IBM Http Server

Timeline

PublishedNov 23

Latest updateApr 29

Description

PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDapache/http_server48 versions+47

▶NVDibm/http_server1.3.19

🔴Vulnerability Details

GHSA

GHSA-7wxp-pmh5-8mh5: PHP 4↗2022-04-29

▶

CVEList

CVE-2004-0263: PHP 4↗2004-09-01

▶