LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

php: cross site scripting vulnerability

Package(s):php CVE #(s):CVE-2008-5814
Created:April 6, 2009 Updated:February 23, 2010
Description: php has a cross site scripting vulnerability, here is the National Vulnerability Database entry description: Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208.
Alerts:
Gentoo 201001-03 2010-01-05
SuSE SUSE-SR:2010:005 2010-02-23
Fedora FEDORA-2009-3768 2009-04-21
Fedora FEDORA-2009-3848 2009-04-21
Debian DSA-1789-1 2009-05-04
Ubuntu USN-761-2 2009-04-27
Ubuntu USN-761-1 2009-04-20
Red Hat RHSA-2009:0350-01 2009-04-14
CentOS CESA-2009:0338 2009-04-07
Red Hat RHSA-2009:0338-01 2009-04-06
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds