New Search

HP-UX Running Apache with PHP Remote Denial of Service (DoS) Unauthorized Access Privileged Access Cross Site Scripting (XSS)

oval:org.mitre.oval:def:7439

PHP before 5.2.12 does not properly handle session data which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2009-4143
Product(s):