Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2005-3389

The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.106
EPSS Ranking 93.0%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2005-3389
  • Php » Php » Version: 4.0.0
    cpe:2.3:a:php:php:4.0.0
  • Php » Php » Version: 4.0.1
    cpe:2.3:a:php:php:4.0.1
  • Php » Php » Version: 4.0.2
    cpe:2.3:a:php:php:4.0.2
  • Php » Php » Version: 4.0.3
    cpe:2.3:a:php:php:4.0.3
  • Php » Php » Version: 4.0.4
    cpe:2.3:a:php:php:4.0.4
  • Php » Php » Version: 4.0.5
    cpe:2.3:a:php:php:4.0.5
  • Php » Php » Version: 4.0.6
    cpe:2.3:a:php:php:4.0.6
  • Php » Php » Version: 4.0.7
    cpe:2.3:a:php:php:4.0.7
  • Php » Php » Version: 4.1.0
    cpe:2.3:a:php:php:4.1.0
  • Php » Php » Version: 4.1.1
    cpe:2.3:a:php:php:4.1.1
  • Php » Php » Version: 4.1.2
    cpe:2.3:a:php:php:4.1.2
  • Php » Php » Version: 4.2
    cpe:2.3:a:php:php:4.2
  • Php » Php » Version: 4.2.0
    cpe:2.3:a:php:php:4.2.0
  • Php » Php » Version: 4.2.1
    cpe:2.3:a:php:php:4.2.1
  • Php » Php » Version: 4.2.2
    cpe:2.3:a:php:php:4.2.2
  • Php » Php » Version: 4.2.3
    cpe:2.3:a:php:php:4.2.3
  • Php » Php » Version: 4.3.0
    cpe:2.3:a:php:php:4.3.0
  • Php » Php » Version: 4.3.1
    cpe:2.3:a:php:php:4.3.1
  • Php » Php » Version: 4.3.10
    cpe:2.3:a:php:php:4.3.10
  • Php » Php » Version: 4.3.11
    cpe:2.3:a:php:php:4.3.11
  • Php » Php » Version: 4.3.2
    cpe:2.3:a:php:php:4.3.2
  • Php » Php » Version: 4.3.3
    cpe:2.3:a:php:php:4.3.3
  • Php » Php » Version: 4.3.4
    cpe:2.3:a:php:php:4.3.4
  • Php » Php » Version: 4.3.5
    cpe:2.3:a:php:php:4.3.5
  • Php » Php » Version: 4.3.6
    cpe:2.3:a:php:php:4.3.6
  • Php » Php » Version: 4.3.7
    cpe:2.3:a:php:php:4.3.7
  • Php » Php » Version: 4.3.8
    cpe:2.3:a:php:php:4.3.8
  • Php » Php » Version: 4.3.9
    cpe:2.3:a:php:php:4.3.9
  • Php » Php » Version: 4.4.0
    cpe:2.3:a:php:php:4.4.0
  • Php » Php » Version: 5.0.0
    cpe:2.3:a:php:php:5.0.0
  • Php » Php » Version: 5.0.1
    cpe:2.3:a:php:php:5.0.1
  • Php » Php » Version: 5.0.2
    cpe:2.3:a:php:php:5.0.2
  • Php » Php » Version: 5.0.3
    cpe:2.3:a:php:php:5.0.3
  • Php » Php » Version: 5.0.4
    cpe:2.3:a:php:php:5.0.4
  • Php » Php » Version: 5.0.5
    cpe:2.3:a:php:php:5.0.5


Contact Us

Shodan ® - All rights reserved