Lucene search

[email protected]CVE-2006-0200

HistoryJan 13, 2006 - 11:03 p.m.

CVE-2006-0200

2006-01-1323:03:00

CWE-134

[email protected]

web.nvd.nist.gov

cve

php

mysqli

format string vulnerability

code execution

nvd

security

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.118 Low

EPSS

Percentile

95.2%

JSON

Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.

CPENameOperatorVersion
php:phpphpeq5.1.1
php:phpphpeq5.1.0

CPE	Name	Operator	Version
php:php	php	eq	5.1.1
php:php	php	eq	5.1.0

References

secunia.com/advisories/18431

securityreason.com/securityalert/337

securitytracker.com/id?1015485

www.hardened-php.net/advisory_022006.113.html

www.php.net/release_5_1_2.php

www.securityfocus.com/archive/1/421705/100/0/threaded

www.securityfocus.com/bid/16219

www.vupen.com/english/advisories/2006/0177

www.vupen.com/english/advisories/2006/0369

exchange.xforce.ibmcloud.com/vulnerabilities/24095

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.118 Low

EPSS

Percentile

95.2%

JSON

Related for CVE-2006-0200

prion1 ubuntucve1 nessus1 openvas2