Oval Definition:oval:org.mitre.oval:def:10064
Revision Date:2013-04-29Version:12
Title:Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.
Description:Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-0208
Platform(s):CentOS Linux 3
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • OS Section: RHEL3, CentOS3
  • RHEL3 or CentOS3
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • OR CentOS Linux 3.x
  • AND Configuration section
  • php is earlier than 0:4.3.2-30.ent
  • OR php-pgsql is earlier than 0:4.3.2-30.ent
  • OR php-mysql is earlier than 0:4.3.2-30.ent
  • OR php-ldap is earlier than 0:4.3.2-30.ent
  • OR php-imap is earlier than 0:4.3.2-30.ent
  • OR php-odbc is earlier than 0:4.3.2-30.ent
  • OR php-devel is earlier than 0:4.3.2-30.ent
  • OR OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • php-xmlrpc is earlier than 0:4.3.9-3.12
  • OR php-snmp is earlier than 0:4.3.9-3.12
  • OR php-domxml is earlier than 0:4.3.9-3.12
  • OR php-mysql is earlier than 0:4.3.9-3.12
  • OR php-imap is earlier than 0:4.3.9-3.12
  • OR php-gd is earlier than 0:4.3.9-3.12
  • OR php is earlier than 0:4.3.9-3.12
  • OR php-mbstring is earlier than 0:4.3.9-3.12
  • OR php-pgsql is earlier than 0:4.3.9-3.12
  • OR php-pear is earlier than 0:4.3.9-3.12
  • OR php-ldap is earlier than 0:4.3.9-3.12
  • OR php-odbc is earlier than 0:4.3.9-3.12
  • OR php-ncurses is earlier than 0:4.3.9-3.12
  • OR php-devel is earlier than 0:4.3.9-3.12
    • BACK