Description

The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.

Remediation

References

CVE-2005-3319

Related Vulnerabilities

PHP Out-of-bounds Read Vulnerability (CVE-2019-11050)

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17310)

WordPress Plugin Content Grabber Multiple Vulnerabilities (1.0)

b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7149)

osTicket Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-4634)

Severity

Low

Classification

CVE-2005-3319

Tags

Missing Update Known Vulnerabilities