Description

Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.

Remediation

References

CVE-2006-0200

Related Vulnerabilities

ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5866)

MySQL CVE-2013-5786 Vulnerability (CVE-2013-5786)

Serendipity Other Vulnerability (CVE-2006-2495)

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.13)

WordPress Plugin WP Jobs Cross-Site Scripting (1.6)

Severity

Critical

Classification

CVE-2006-0200 CWE-134

Tags

Missing Update Known Vulnerabilities