CVE-2003-0097
PHP 4.3.0 - Arbitrary File Access and PHP Code Execution via CGI Force Redirect Bypass
Title source: llmDescription
Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect).
References (6)
Core 6
Core References
Mailing List vendor-advisory
x_refsource_gentoo
http://marc.info/?l=bugtraq&m=104567042700840&w=2
Mailing List vendor-advisory
x_refsource_gentoo
http://marc.info/?l=bugtraq&m=104567137502557&w=2
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/11343.php
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104550977011668&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6875
Vendor Advisory x_refsource_confirm
http://www.slackware.com/changelog/current.php?cpu=i386
Scores
EPSS
0.0047
EPSS Percentile
65.0%
Details
Status
published
Products (1)
php/php
4.3.0
Published
Mar 03, 2003
Tracked Since
Feb 18, 2026