CVE-2003-0097
First published: Mon Mar 03 2003(Updated: )
Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHP | =4.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2003-0097?
CVE-2003-0097 is considered to be a critical vulnerability due to the potential remote file access and execution of arbitrary code.
How do I fix CVE-2003-0097?
To fix CVE-2003-0097, update to a later version of PHP that has resolved this vulnerability.
What software is affected by CVE-2003-0097?
CVE-2003-0097 specifically affects PHP version 4.3.0.
What kind of attacks can exploit CVE-2003-0097?
CVE-2003-0097 can be exploited by attackers to read arbitrary files and potentially execute PHP code on the server.
How can I determine if my system is vulnerable to CVE-2003-0097?
To determine if your system is vulnerable to CVE-2003-0097, check if you are running PHP version 4.3.0 without appropriate security measures.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/php
- canonical/php
- version/php/4.3.0