CVE-2004-0263
Apache HTTP Server - Information Disclosure via PHP Global Variable Leak
Title source: llmDescription
PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/3878
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9599
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15072
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200402-01.xml
Scores
EPSS
0.0348
EPSS Percentile
87.8%
Details
Status
published
Products (49)
apache/http_server
1.0
apache/http_server
1.0.2
apache/http_server
1.0.3
apache/http_server
1.0.5
apache/http_server
1.1
apache/http_server
1.1.1
apache/http_server
1.2
apache/http_server
1.2.5
apache/http_server
1.3
apache/http_server
1.3.1
... and 39 more
Published
Nov 23, 2004
Tracked Since
Feb 18, 2026