190795 – CVE-2006-0996 phpinfo() XSS issue

Bug 190795 - CVE-2006-0996 phpinfo() XSS issue

Summary: CVE-2006-0996 phpinfo() XSS issue

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Web Application Stack Beta
Classification:	Retired
Component:	php
Sub Component:
Version:	v1
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	low
Target Milestone:	---
Assignee:	Joe Orton
QA Contact:	Gurhan Ozen
Docs Contact:
URL:
Whiteboard:	impact=low,reported=20060330,source=r...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-05-05 08:34 UTC by Mark J. Cox
Modified:	2013-11-04 01:30 UTC (History)
CC List:	1 user (show)
Fixed In Version:	php-5.1.4-1.el4s1.2
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-11-12 15:25:09 UTC
Embargoed:

Attachments	(Terms of Use)

Description Mark J. Cox 2006-05-05 08:34:48 UTC

phpinfo() XSS issue

An XSS issue has been found in phpinfo().  The CVS commit information
is here:

http://marc.theaimsgroup.com/?l=php-cvs&m=114374620416389&w=2

There is more information here:
http://securityreason.com/achievement_securityalert/34

Comment 2 Greg Nichols 2006-05-31 17:59:34 UTC

Verified in Stacks-LAMPV1-re20060524.1.

Comment 3 Tomas Hoger 2008-11-12 15:25:09 UTC

This issue was addressed in Red Hat Application Stack v1 before GA.

Note You need to log in before you can comment on or make changes to this bug.