Lucene search

PRIOn knowledge basePRION:CVE-2006-0200

HistoryJan 13, 2006 - 11:03 p.m.

Format string

2006-01-1323:03:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.118 Low

EPSS

Percentile

95.2%

JSON

Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.

CPENameOperatorVersion
phpeq5.1.1
phpeq5.1.0

CPE	Name	Operator	Version
	php	eq	5.1.1
	php	eq	5.1.0

References

secunia.com/advisories/18431

securityreason.com/securityalert/337

securitytracker.com/id?1015485

www.hardened-php.net/advisory_022006.113.html

www.php.net/release_5_1_2.php

www.securityfocus.com/archive/1/421705/100/0/threaded

www.securityfocus.com/bid/16219

www.vupen.com/english/advisories/2006/0177

www.vupen.com/english/advisories/2006/0369

exchange.xforce.ibmcloud.com/vulnerabilities/24095

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.118 Low

EPSS

Percentile

95.2%

JSON

Related for PRION:CVE-2006-0200