The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6
does not properly consider operator precedence when calculating the length
of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary
code via a crafted URI.
Author | Note |
---|---|
jdstrand | dapper and feisty have different code that is not affected |