+++ This bug was initially created as a clone of Bug #187510 +++ phpinfo() XSS issue An XSS issue has been found in phpinfo(). The CVS commit information is here: http://marc.theaimsgroup.com/?l=php-cvs&m=114374620416389&w=2 -- Additional comment from bressers on 2006-04-10 09:50 EST -- There is more information here: http://securityreason.com/achievement_securityalert/34 -- Additional comment from marcdeslauriers on 2006-04-29 13:36 EST -- Patch php-4.3.9-CVE-2006-0996.patch is incorrect. There is no TSRMLS_CC in zend_print_zval_ex().
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0549.html