CVE-2000-0967

2000-12-19T05:00:00
ID CVE-2000-0967
Type cve
Reporter cve@mitre.org
Modified 2018-05-03T01:29:00

Description

PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.