CVE-2004-0595

PHP 4.x-5.0.0RC3 - XSS

Title source: llm

Description

The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Stefan Esser · textremotephp

https://www.exploit-db.com/exploits/24280

View Code ZIP pw:eip

References (18)

Core 18

Core References

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10724

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=108981780109154&w=2

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=109181600614477&w=2

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=109051444105182&w=2

Vendor Advisory vendor-advisory x_refsource_conectiva

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=108982983426031&w=2

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2005/dsa-669

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-395.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-405.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-392.html

Patch, Vendor Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2004/dsa-531

Vendor Advisory vendor-advisory x_refsource_suse

http://www.novell.com/linux/security/advisories/2004_21_php4.html

Various Sources vendor-advisory x_refsource_mandrake

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/16692

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2005-816.html

Third Party Advisory vendor-advisory x_refsource_gentoo

http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml

Mailing List mailing-list x_refsource_fulldisc

http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html

Scores

EPSS 0.4934

EPSS Percentile 97.8%

Details

Status published

Products (36)

avaya/converged_communications_server 2.0

avaya/integrated_management

avaya/s8300 r2.0.0

avaya/s8300 r2.0.1

avaya/s8500 r2.0.0

avaya/s8500 r2.0.1

avaya/s8700 r2.0.0

avaya/s8700 r2.0.1

php/php 4.0

php/php 4.0.1

... and 26 more

Published Jul 27, 2004

Tracked Since Feb 18, 2026