CVE-2002-2029

HIGH(7.5)

AV:N/AC:L/Au:N/C:P/I:P/A:P

Risk Signal Score26/100 — MITTEL

CVSS 7.5 — Hoch

EPSS-Score

25%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

7.5

Technische Schwere

Beschreibung

PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.

Referenzen

http://www.iss.net/security_center/static/7815.php
http://www.securiteam.com/windowsntfocus/5ZP030U60U.html
http://www.securityfocus.com/bid/3786
http://www.iss.net/security_center/static/7815.php
http://www.securiteam.com/windowsntfocus/5ZP030U60U.html
http://www.securityfocus.com/bid/3786