CVSS2
Metric | Value |
---|---|
Access Vector (AV) | NETWORK |
Access Complexity (AC) | LOW |
Authentication (Au) | NONE |
Confidentiality Impact (C) | NONE |
Integrity Impact (I) | PARTIAL |
Availability Impact (A) | NONE |
Vector string | AV:N/AC:L/Au:N/C:N/I:P/A:N |
EPSS
Metric | Value |
---|---|
Percentile | 97.3% (rank relative to all scored CVEs, not the exploitation probability itself) |
The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up
to 5.2.3 allows remote attackers to insert arbitrary attributes into the
session cookie via special characters in a cookie that is obtained from (1)
PATH_INFO, (2) the session_id function, and (3) the session_start function,
which are not encoded or filtered when the new session cookie is generated,
a related issue to CVE-2006-0207.
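How the defect plays out, as an added example that is not code from PHP or from this page: a minimal Set-Cookie builder written in C in the spirit of ext/session, with the pre-fix path (session id pasted into the header unvalidated) next to an identifier check that refuses anything outside the session-id alphabet. The permitted alphabet (a-z, A-Z, 0-9, ',' and '-') is assumed here to be PHP's default session-id character set; the function names and the attacker-supplied id are hypothetical and constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed default session-id alphabet: a-z, A-Z, 0-9, ',' and '-'.
 * Any other byte (';', '=', ' ', CR, LF, ...) can terminate the cookie
 * value and start an attacker-chosen attribute, or even a new header. */
int session_id_is_valid(const char *id)
{
    const char *p;
    if (id == NULL || *id == '\0')
        return 0;
    for (p = id; *p; p++) {
        char c = *p;
        if (!((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
              (c >= '0' && c <= '9') || c == ',' || c == '-'))
            return 0;
    }
    return 1;
}

/* Pre-fix behaviour: the id goes straight into the Set-Cookie header.
 * Returns the header length, or -1 if it does not fit in 'out'. */
int build_cookie_unsafe(char *out, size_t outlen, const char *name,
                        const char *id, const char *path)
{
    int n = snprintf(out, outlen, "Set-Cookie: %s=%s; path=%s", name, id, path);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

/* Fixed behaviour: validate the id before it can reach the header.
 * Returns -1 for an invalid id, otherwise the header length. A session
 * id is an opaque token, so rejecting bad ids (and then issuing a fresh
 * one) is the right response; there is nothing to "escape". */
int build_cookie_safe(char *out, size_t outlen, const char *name,
                      const char *id, const char *path)
{
    if (!session_id_is_valid(id))
        return -1;
    return build_cookie_unsafe(out, outlen, name, id, path);
}

int main(void)
{
    char hdr[256];
    /* Constructed attacker value, e.g. arriving via PATH_INFO or a cookie. */
    const char *crafted = "a1b2c3; domain=.example.com";

    if (build_cookie_unsafe(hdr, sizeof hdr, "PHPSESSID", crafted, "/") > 0)
        printf("unsafe: %s\n", hdr);          /* injected domain attribute */
    printf("valid=%d safe_rc=%d\n", session_id_is_valid(crafted),
           build_cookie_safe(hdr, sizeof hdr, "PHPSESSID", crafted, "/"));
    return 0;
}
```

Run it and the first line shows the server setting a `domain=` attribute it never chose; the hardened builder returns -1 for the same input. The same check also stops CR/LF in the id, so the header cannot be split into a second header.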
Author | Note |
---|---|
kees | Upstream session.c diff: http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.36&r2=1.417.2.8.2.37&pathrev=PHP_5_2 ; patch file: 204-start-session-cookies.patch |