CVE-2006-4020 in PHPinfo

Summary

scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer over-read.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

08/08/2006

Disclosure

08/08/2006

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
2429	PHP Safe-Mode sscanf privileges management	269	Proof-of-Concept	Official fix	CVE-2006-4020

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!