Action not permitted
Modal body text goes here.
cve-2004-0595
Vulnerability from cvelistv5
Published
2004-07-16 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2004:847",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "oval:org.mitre.oval:def:10619",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
},
{
"name": "RHSA-2004:395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "RHSA-2004:392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "php-strip-tag-bypass(16692)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"name": "RHSA-2005:816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10724",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10724"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"name": "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2004:847",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "oval:org.mitre.oval:def:10619",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
},
{
"name": "RHSA-2004:395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "RHSA-2004:392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "php-strip-tag-bypass(16692)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"name": "RHSA-2005:816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10724",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10724"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"name": "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0595",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2004:847",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "oval:org.mitre.oval:def:10619",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
},
{
"name": "RHSA-2004:395",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "RHSA-2004:392",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "php-strip-tag-bypass(16692)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"name": "RHSA-2005:816",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10724",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10724"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"name": "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0595",
"datePublished": "2004-07-16T04:00:00",
"dateReserved": "2004-06-23T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2004-0595\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-07-27T04:00:00.000\",\"lastModified\":\"2018-10-30T16:25:35.387\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n strip_tags en PHP 4.x hasta 4.3.7, y 5.x hasta 5.0.0RC3, no filtra caract\u00e9res null() dentro de nombreres de etiquetas cuanto se restringe la entrada a etiquetas permitidas, lo que permite que etiquetas peligrosas sean procesadas por navegadores como Internet Explorer y Safari, que ignoran caract\u00e9res nulos y facilita la explotaci\u00f3n de vulnerabilidades de secuencias de comandos en sitios cruzados (XSS).\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":6.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E586558A-ABC3-42EB-8B4D-DC92A0D695E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C84296C-2C8A-4DCD-9751-52951F8BEA9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6996B14-925B-46B8-982F-3545328B506B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39605B96-BAD6-45C9-BB9A-43D6E2C51ADD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A67735E5-E43E-4164-BDB2-ADC6E0288E9F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12D6986-429E-4152-A6E5-4CC1FB9556D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDBEC461-D553-41B7-8D85-20B6A933C21C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78BAA18C-E5A0-4210-B64B-709BBFF31EEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13A159B4-B847-47DE-B7F8-89384E6C551B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B59616-A309-40B4-94B1-50A7BC00E35C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F39A1B1-416E-4436-8007-733B66904A14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2E5F96-66D2-4F99-A74D-6A2305EE218E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D724D09-0D45-4701-93C9-348301217C8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6713614A-B14E-4A85-BF89-ED780068FC68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD95F8EB-B428-4B3C-9254-A5DECE03A989\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"069EB7EE-06B9-454F-9007-8DE5DCA33C53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18BF5BE6-09EA-45AD-93BF-2BEF1742534E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC1460DF-1687-4314-BF1A-01290B20302D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"470380B0-3982-48FC-871B-C8B43C81900D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63190D9B-7958-4B93-87C6-E7D5A572F6DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AAF4586-74FF-47C6-864B-656FDF3F33D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5652D5B0-68E4-4239-B9B7-599AFCF4C53E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B71BB7-5239-4860-9100-8CABC3992D8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72BD447A-4EED-482C-8F61-48FAD4FCF8BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3797AB5-9E49-4251-A212-B6E5D9996764\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20C0BD87-CE4B-49D2-89BE-EF282C43AD72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3E6C4A8-59F4-43EE-8413-E95289037598\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE76357A-27E6-4D85-9AA0-1BB658C41568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C56C5FDB-24E2-479D-87CA-164CD28567D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D982AE39-BB57-49E7-B5FE-5EF1ADE2F019\"}]}]}],\"references\":[{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2004/dsa-531\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2005/dsa-669\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2004_21_php4.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2004-392.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2004-395.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2004-405.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-816.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/10724\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/16692\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619\",\"source\":\"cve@mitre.org\"}]}}"
}
}
rhsa-2004_405
Vulnerability from csaf_redhat
Published
2004-07-23 09:26
Modified
2024-11-21 23:08
Summary
Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Notes
Topic
Updated versions of cross-platform Stronghold that fix security issues in
mod_ssl, PHP, and the Apache HTTP Server are now available.
Details
Stronghold 4 contains a number of open source technologies, including
PHP, mod_ssl and the Apache HTTP Server.
Stefan Esser discovered a flaw when the memory_limit configuration setting
was enabled in PHP 4 versions prior to 4.3.8. If a remote attacker could
force the PHP interpreter to allocate more memory than the memory_limit
setting before script execution begins, then the attacker may be able to
supply the contents of a PHP hash table remotely. This hash table could
then be used to execute arbitrary code as the 'apache' user. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0594 to this issue.
It may be possible to exploit this issue if using a non-default PHP
configuration with the "register_defaults" setting is changed to "On". Red
Hat does not believe that this flaw is exploitable in the default
configuration of Stronghold 4.
Stefan Esser discovered a flaw in the strip_tags function in versions of
PHP prior to 4.3.8. The strip_tags function is commonly used by PHP scripts
to prevent cross-site scripting attacks by removing HTML tags from
user-supplied form data. By embedding NUL bytes into form data, HTML tags
can in some cases be passed intact through the strip_tags function, which
may allow a cross-site scripting attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0595 to
this issue.
A stack buffer overflow was discovered in mod_ssl which can be triggered if
using the FakeBasicAuth option. If mod_ssl is sent a client certificate
with a subject DN field longer than 6000 characters, a stack overflow can
occur if FakeBasicAuth has been enabled. In order to exploit this issue,
the carefully crafted malicious certificate would have to be signed by a
Certificate Authority which mod_ssl is configured to trust. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0488 to this issue.
A format string issue was discovered in mod_ssl which can be triggered if
mod_ssl is configured to allow a client to proxy to remote SSL sites.
If mod_ssl is forced to connect to a remote SSL server using a
carefully crafted hostname, an attacker may be able to crash an Apache
child process. This issue is not known to allow arbitrary execution of
code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0700 to this issue.
A denial of service issue was discovered which affects versions of the
Apache HTTP Server prior to 1.3.30. On some platforms, when Apache is
configured with multiple listening sockets, a short-lived connection to
one socket may temporarily block new connections to other sockets. This
issue does not affect Stronghold if running on Linux, FreeBSD or HP-UX
platforms. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0174 to this issue.
Users of Stronghold 4 cross-platform are advised to update to these errata
versions, which contain backported security fixes and are not vulnerable to
these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated versions of cross-platform Stronghold that fix security issues in\nmod_ssl, PHP, and the Apache HTTP Server are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Stronghold 4 contains a number of open source technologies, including\nPHP, mod_ssl and the Apache HTTP Server.\n\nStefan Esser discovered a flaw when the memory_limit configuration setting\nwas enabled in PHP 4 versions prior to 4.3.8. If a remote attacker could\nforce the PHP interpreter to allocate more memory than the memory_limit\nsetting before script execution begins, then the attacker may be able to\nsupply the contents of a PHP hash table remotely. This hash table could\nthen be used to execute arbitrary code as the \u0027apache\u0027 user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-0594 to this issue.\n\nIt may be possible to exploit this issue if using a non-default PHP\nconfiguration with the \"register_defaults\" setting is changed to \"On\". Red\nHat does not believe that this flaw is exploitable in the default\nconfiguration of Stronghold 4.\n\nStefan Esser discovered a flaw in the strip_tags function in versions of\nPHP prior to 4.3.8. The strip_tags function is commonly used by PHP scripts\nto prevent cross-site scripting attacks by removing HTML tags from\nuser-supplied form data. By embedding NUL bytes into form data, HTML tags\ncan in some cases be passed intact through the strip_tags function, which\nmay allow a cross-site scripting attack. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2004-0595 to\nthis issue.\n\nA stack buffer overflow was discovered in mod_ssl which can be triggered if\nusing the FakeBasicAuth option. If mod_ssl is sent a client certificate\nwith a subject DN field longer than 6000 characters, a stack overflow can\noccur if FakeBasicAuth has been enabled. In order to exploit this issue,\nthe carefully crafted malicious certificate would have to be signed by a\nCertificate Authority which mod_ssl is configured to trust. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-0488 to this issue.\n\nA format string issue was discovered in mod_ssl which can be triggered if \nmod_ssl is configured to allow a client to proxy to remote SSL sites. \nIf mod_ssl is forced to connect to a remote SSL server using a\ncarefully crafted hostname, an attacker may be able to crash an Apache\nchild process. This issue is not known to allow arbitrary execution of\ncode. The Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2004-0700 to this issue.\n\nA denial of service issue was discovered which affects versions of the\nApache HTTP Server prior to 1.3.30. On some platforms, when Apache is\nconfigured with multiple listening sockets, a short-lived connection to\none socket may temporarily block new connections to other sockets. This\nissue does not affect Stronghold if running on Linux, FreeBSD or HP-UX\nplatforms. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2004-0174 to this issue.\n\nUsers of Stronghold 4 cross-platform are advised to update to these errata\nversions, which contain backported security fixes and are not vulnerable to\nthese issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2004:405",
"url": "https://access.redhat.com/errata/RHSA-2004:405"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "127703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=127703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2004/rhsa-2004_405.json"
}
],
"title": "Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold",
"tracking": {
"current_release_date": "2024-11-21T23:08:43+00:00",
"generator": {
"date": "2024-11-21T23:08:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2004:405",
"initial_release_date": "2004-07-23T09:26:00+00:00",
"revision_history": [
{
"date": "2004-07-23T09:26:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2004-07-23T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T23:08:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Stronghold 4",
"product": {
"name": "Red Hat Stronghold 4",
"product_id": "Red Hat Stronghold 4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:stronghold:4"
}
}
}
],
"category": "product_family",
"name": "Stronghold Cross Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2004-0174",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617165"
}
],
"notes": [
{
"category": "description",
"text": "Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a \"short-lived connection on a rarely-accessed listening socket.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Not vulnerable. This issue did not affect Linux.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Stronghold 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0174"
},
{
"category": "external",
"summary": "RHBZ#1617165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0174",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0174"
}
],
"release_date": "2004-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-07-23T09:26:00+00:00",
"details": "Updated Stronghold 4 packages are now available via the update agent\nservice. Run the following command from the Stronghold 4 install root to\nupgrade an existing Stronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0i patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4",
"product_ids": [
"Red Hat Stronghold 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:405"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-0488",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "430867"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_ssl ssl_util_uuencode_binary CA issue",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Stronghold 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0488"
},
{
"category": "external",
"summary": "RHBZ#430867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=430867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0488",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0488"
}
],
"release_date": "2004-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-07-23T09:26:00+00:00",
"details": "Updated Stronghold 4 packages are now available via the update agent\nservice. Run the following command from the Stronghold 4 install root to\nupgrade an existing Stronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0i patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4",
"product_ids": [
"Red Hat Stronghold 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:405"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mod_ssl ssl_util_uuencode_binary CA issue"
},
{
"cve": "CVE-2004-0594",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617233"
}
],
"notes": [
{
"category": "description",
"text": "The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Stronghold 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0594"
},
{
"category": "external",
"summary": "RHBZ#1617233",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617233"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0594",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0594"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0594",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0594"
}
],
"release_date": "2004-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-07-23T09:26:00+00:00",
"details": "Updated Stronghold 4 packages are now available via the update agent\nservice. Run the following command from the Stronghold 4 install root to\nupgrade an existing Stronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0i patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4",
"product_ids": [
"Red Hat Stronghold 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:405"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-0595",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617234"
}
],
"notes": [
{
"category": "description",
"text": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Stronghold 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0595"
},
{
"category": "external",
"summary": "RHBZ#1617234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0595",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0595"
}
],
"release_date": "2004-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-07-23T09:26:00+00:00",
"details": "Updated Stronghold 4 packages are now available via the update agent\nservice. Run the following command from the Stronghold 4 install root to\nupgrade an existing Stronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0i patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4",
"product_ids": [
"Red Hat Stronghold 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:405"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-0700",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "430866"
}
],
"notes": [
{
"category": "description",
"text": "Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_proxy hook format string",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Stronghold 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0700"
},
{
"category": "external",
"summary": "RHBZ#430866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=430866"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0700",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0700"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0700",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0700"
}
],
"release_date": "2004-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-07-23T09:26:00+00:00",
"details": "Updated Stronghold 4 packages are now available via the update agent\nservice. Run the following command from the Stronghold 4 install root to\nupgrade an existing Stronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0i patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4",
"product_ids": [
"Red Hat Stronghold 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:405"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mod_proxy hook format string"
}
]
}
rhsa-2004_392
Vulnerability from csaf_redhat
Published
2004-07-19 20:42
Modified
2024-11-14 10:03
Summary
Red Hat Security Advisory: php security update
Notes
Topic
Updated php packages that fix various security issues are now available.
Details
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP server.
Stefan Esser discovered a flaw when memory_limit is enabled in versions of
PHP 4 before 4.3.8. If a remote attacker could force the PHP interpreter to
allocate more memory than the memory_limit setting before script execution
begins, then the attacker may be able to supply the contents of a PHP hash
table remotely. This hash table could then be used to execute arbitrary
code as the 'apache' user. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0594 to this issue.
This issue has a higher risk when PHP is running on an instance of Apache
which is vulnerable to CAN-2004-0493. For Red Hat Enterprise Linux 3, this
Apache memory exhaustion issue was fixed by a previous update,
RHSA-2004:342. It may also be possible to exploit this issue if using a
non-default PHP configuration with the "register_defaults" setting is
changed to "On". Red Hat does not believe that this flaw is exploitable in
the default configuration of Red Hat Enterprise Linux 3.
Stefan Esser discovered a flaw in the strip_tags function in versions of
PHP before 4.3.8. The strip_tags function is commonly used by PHP scripts
to prevent Cross-Site-Scripting attacks by removing HTML tags from
user-supplied form data. By embedding NUL bytes into form data, HTML tags
can in some cases be passed intact through the strip_tags function, which
may allow a Cross-Site-Scripting attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0595 to
this issue.
All users of PHP are advised to upgrade to these updated packages, which
contain backported patches that address these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated php packages that fix various security issues are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP server.\n\nStefan Esser discovered a flaw when memory_limit is enabled in versions of\nPHP 4 before 4.3.8. If a remote attacker could force the PHP interpreter to\nallocate more memory than the memory_limit setting before script execution\nbegins, then the attacker may be able to supply the contents of a PHP hash\ntable remotely. This hash table could then be used to execute arbitrary\ncode as the \u0027apache\u0027 user. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2004-0594 to this issue.\n\nThis issue has a higher risk when PHP is running on an instance of Apache\nwhich is vulnerable to CAN-2004-0493. For Red Hat Enterprise Linux 3, this\nApache memory exhaustion issue was fixed by a previous update,\nRHSA-2004:342. It may also be possible to exploit this issue if using a\nnon-default PHP configuration with the \"register_defaults\" setting is\nchanged to \"On\". Red Hat does not believe that this flaw is exploitable in\nthe default configuration of Red Hat Enterprise Linux 3.\n\nStefan Esser discovered a flaw in the strip_tags function in versions of\nPHP before 4.3.8. The strip_tags function is commonly used by PHP scripts\nto prevent Cross-Site-Scripting attacks by removing HTML tags from\nuser-supplied form data. By embedding NUL bytes into form data, HTML tags\ncan in some cases be passed intact through the strip_tags function, which\nmay allow a Cross-Site-Scripting attack. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2004-0595 to\nthis issue. \n\nAll users of PHP are advised to upgrade to these updated packages, which\ncontain backported patches that address these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2004:392",
"url": "https://access.redhat.com/errata/RHSA-2004:392"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "127642",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=127642"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2004/rhsa-2004_392.json"
}
],
"title": "Red Hat Security Advisory: php security update",
"tracking": {
"current_release_date": "2024-11-14T10:03:20+00:00",
"generator": {
"date": "2024-11-14T10:03:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2004:392",
"initial_release_date": "2004-07-19T20:42:00+00:00",
"revision_history": [
{
"date": "2004-07-19T20:42:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2004-07-19T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T10:03:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "3AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "3Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "3ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "3WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "php-odbc-0:4.3.2-11.1.ent.ia64",
"product": {
"name": "php-odbc-0:4.3.2-11.1.ent.ia64",
"product_id": "php-odbc-0:4.3.2-11.1.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-odbc@4.3.2-11.1.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "php-devel-0:4.3.2-11.1.ent.ia64",
"product": {
"name": "php-devel-0:4.3.2-11.1.ent.ia64",
"product_id": "php-devel-0:4.3.2-11.1.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-devel@4.3.2-11.1.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "php-pgsql-0:4.3.2-11.1.ent.ia64",
"product": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ia64",
"product_id": "php-pgsql-0:4.3.2-11.1.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-pgsql@4.3.2-11.1.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "php-ldap-0:4.3.2-11.1.ent.ia64",
"product": {
"name": "php-ldap-0:4.3.2-11.1.ent.ia64",
"product_id": "php-ldap-0:4.3.2-11.1.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-ldap@4.3.2-11.1.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "php-0:4.3.2-11.1.ent.ia64",
"product": {
"name": "php-0:4.3.2-11.1.ent.ia64",
"product_id": "php-0:4.3.2-11.1.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php@4.3.2-11.1.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "php-mysql-0:4.3.2-11.1.ent.ia64",
"product": {
"name": "php-mysql-0:4.3.2-11.1.ent.ia64",
"product_id": "php-mysql-0:4.3.2-11.1.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-mysql@4.3.2-11.1.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "php-debuginfo-0:4.3.2-11.1.ent.ia64",
"product": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ia64",
"product_id": "php-debuginfo-0:4.3.2-11.1.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-debuginfo@4.3.2-11.1.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "php-imap-0:4.3.2-11.1.ent.ia64",
"product": {
"name": "php-imap-0:4.3.2-11.1.ent.ia64",
"product_id": "php-imap-0:4.3.2-11.1.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-imap@4.3.2-11.1.ent?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "php-odbc-0:4.3.2-11.1.ent.x86_64",
"product": {
"name": "php-odbc-0:4.3.2-11.1.ent.x86_64",
"product_id": "php-odbc-0:4.3.2-11.1.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-odbc@4.3.2-11.1.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-devel-0:4.3.2-11.1.ent.x86_64",
"product": {
"name": "php-devel-0:4.3.2-11.1.ent.x86_64",
"product_id": "php-devel-0:4.3.2-11.1.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-devel@4.3.2-11.1.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-pgsql-0:4.3.2-11.1.ent.x86_64",
"product": {
"name": "php-pgsql-0:4.3.2-11.1.ent.x86_64",
"product_id": "php-pgsql-0:4.3.2-11.1.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-pgsql@4.3.2-11.1.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-ldap-0:4.3.2-11.1.ent.x86_64",
"product": {
"name": "php-ldap-0:4.3.2-11.1.ent.x86_64",
"product_id": "php-ldap-0:4.3.2-11.1.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-ldap@4.3.2-11.1.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-0:4.3.2-11.1.ent.x86_64",
"product": {
"name": "php-0:4.3.2-11.1.ent.x86_64",
"product_id": "php-0:4.3.2-11.1.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php@4.3.2-11.1.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-mysql-0:4.3.2-11.1.ent.x86_64",
"product": {
"name": "php-mysql-0:4.3.2-11.1.ent.x86_64",
"product_id": "php-mysql-0:4.3.2-11.1.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-mysql@4.3.2-11.1.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"product": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"product_id": "php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-debuginfo@4.3.2-11.1.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-imap-0:4.3.2-11.1.ent.x86_64",
"product": {
"name": "php-imap-0:4.3.2-11.1.ent.x86_64",
"product_id": "php-imap-0:4.3.2-11.1.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-imap@4.3.2-11.1.ent?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "php-odbc-0:4.3.2-11.1.ent.i386",
"product": {
"name": "php-odbc-0:4.3.2-11.1.ent.i386",
"product_id": "php-odbc-0:4.3.2-11.1.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-odbc@4.3.2-11.1.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "php-devel-0:4.3.2-11.1.ent.i386",
"product": {
"name": "php-devel-0:4.3.2-11.1.ent.i386",
"product_id": "php-devel-0:4.3.2-11.1.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-devel@4.3.2-11.1.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "php-pgsql-0:4.3.2-11.1.ent.i386",
"product": {
"name": "php-pgsql-0:4.3.2-11.1.ent.i386",
"product_id": "php-pgsql-0:4.3.2-11.1.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-pgsql@4.3.2-11.1.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "php-ldap-0:4.3.2-11.1.ent.i386",
"product": {
"name": "php-ldap-0:4.3.2-11.1.ent.i386",
"product_id": "php-ldap-0:4.3.2-11.1.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-ldap@4.3.2-11.1.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "php-0:4.3.2-11.1.ent.i386",
"product": {
"name": "php-0:4.3.2-11.1.ent.i386",
"product_id": "php-0:4.3.2-11.1.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php@4.3.2-11.1.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "php-mysql-0:4.3.2-11.1.ent.i386",
"product": {
"name": "php-mysql-0:4.3.2-11.1.ent.i386",
"product_id": "php-mysql-0:4.3.2-11.1.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-mysql@4.3.2-11.1.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "php-debuginfo-0:4.3.2-11.1.ent.i386",
"product": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.i386",
"product_id": "php-debuginfo-0:4.3.2-11.1.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-debuginfo@4.3.2-11.1.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "php-imap-0:4.3.2-11.1.ent.i386",
"product": {
"name": "php-imap-0:4.3.2-11.1.ent.i386",
"product_id": "php-imap-0:4.3.2-11.1.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-imap@4.3.2-11.1.ent?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "php-0:4.3.2-11.1.ent.src",
"product": {
"name": "php-0:4.3.2-11.1.ent.src",
"product_id": "php-0:4.3.2-11.1.ent.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php@4.3.2-11.1.ent?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "php-odbc-0:4.3.2-11.1.ent.ppc",
"product": {
"name": "php-odbc-0:4.3.2-11.1.ent.ppc",
"product_id": "php-odbc-0:4.3.2-11.1.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-odbc@4.3.2-11.1.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "php-devel-0:4.3.2-11.1.ent.ppc",
"product": {
"name": "php-devel-0:4.3.2-11.1.ent.ppc",
"product_id": "php-devel-0:4.3.2-11.1.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-devel@4.3.2-11.1.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "php-pgsql-0:4.3.2-11.1.ent.ppc",
"product": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ppc",
"product_id": "php-pgsql-0:4.3.2-11.1.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-pgsql@4.3.2-11.1.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "php-ldap-0:4.3.2-11.1.ent.ppc",
"product": {
"name": "php-ldap-0:4.3.2-11.1.ent.ppc",
"product_id": "php-ldap-0:4.3.2-11.1.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-ldap@4.3.2-11.1.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "php-0:4.3.2-11.1.ent.ppc",
"product": {
"name": "php-0:4.3.2-11.1.ent.ppc",
"product_id": "php-0:4.3.2-11.1.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php@4.3.2-11.1.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "php-mysql-0:4.3.2-11.1.ent.ppc",
"product": {
"name": "php-mysql-0:4.3.2-11.1.ent.ppc",
"product_id": "php-mysql-0:4.3.2-11.1.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-mysql@4.3.2-11.1.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "php-debuginfo-0:4.3.2-11.1.ent.ppc",
"product": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ppc",
"product_id": "php-debuginfo-0:4.3.2-11.1.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-debuginfo@4.3.2-11.1.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "php-imap-0:4.3.2-11.1.ent.ppc",
"product": {
"name": "php-imap-0:4.3.2-11.1.ent.ppc",
"product_id": "php-imap-0:4.3.2-11.1.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-imap@4.3.2-11.1.ent?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "php-odbc-0:4.3.2-11.1.ent.s390x",
"product": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390x",
"product_id": "php-odbc-0:4.3.2-11.1.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-odbc@4.3.2-11.1.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "php-devel-0:4.3.2-11.1.ent.s390x",
"product": {
"name": "php-devel-0:4.3.2-11.1.ent.s390x",
"product_id": "php-devel-0:4.3.2-11.1.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-devel@4.3.2-11.1.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "php-pgsql-0:4.3.2-11.1.ent.s390x",
"product": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390x",
"product_id": "php-pgsql-0:4.3.2-11.1.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-pgsql@4.3.2-11.1.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "php-ldap-0:4.3.2-11.1.ent.s390x",
"product": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390x",
"product_id": "php-ldap-0:4.3.2-11.1.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-ldap@4.3.2-11.1.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "php-0:4.3.2-11.1.ent.s390x",
"product": {
"name": "php-0:4.3.2-11.1.ent.s390x",
"product_id": "php-0:4.3.2-11.1.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php@4.3.2-11.1.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "php-mysql-0:4.3.2-11.1.ent.s390x",
"product": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390x",
"product_id": "php-mysql-0:4.3.2-11.1.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-mysql@4.3.2-11.1.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390x",
"product": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390x",
"product_id": "php-debuginfo-0:4.3.2-11.1.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-debuginfo@4.3.2-11.1.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "php-imap-0:4.3.2-11.1.ent.s390x",
"product": {
"name": "php-imap-0:4.3.2-11.1.ent.s390x",
"product_id": "php-imap-0:4.3.2-11.1.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-imap@4.3.2-11.1.ent?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "php-odbc-0:4.3.2-11.1.ent.s390",
"product": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390",
"product_id": "php-odbc-0:4.3.2-11.1.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-odbc@4.3.2-11.1.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "php-devel-0:4.3.2-11.1.ent.s390",
"product": {
"name": "php-devel-0:4.3.2-11.1.ent.s390",
"product_id": "php-devel-0:4.3.2-11.1.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-devel@4.3.2-11.1.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "php-pgsql-0:4.3.2-11.1.ent.s390",
"product": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390",
"product_id": "php-pgsql-0:4.3.2-11.1.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-pgsql@4.3.2-11.1.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "php-ldap-0:4.3.2-11.1.ent.s390",
"product": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390",
"product_id": "php-ldap-0:4.3.2-11.1.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-ldap@4.3.2-11.1.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "php-0:4.3.2-11.1.ent.s390",
"product": {
"name": "php-0:4.3.2-11.1.ent.s390",
"product_id": "php-0:4.3.2-11.1.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php@4.3.2-11.1.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "php-mysql-0:4.3.2-11.1.ent.s390",
"product": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390",
"product_id": "php-mysql-0:4.3.2-11.1.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-mysql@4.3.2-11.1.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390",
"product": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390",
"product_id": "php-debuginfo-0:4.3.2-11.1.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-debuginfo@4.3.2-11.1.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "php-imap-0:4.3.2-11.1.ent.s390",
"product": {
"name": "php-imap-0:4.3.2-11.1.ent.s390",
"product_id": "php-imap-0:4.3.2-11.1.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-imap@4.3.2-11.1.ent?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.src as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-0:4.3.2-11.1.ent.src"
},
"product_reference": "php-0:4.3.2-11.1.ent.src",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-debuginfo-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-debuginfo-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-debuginfo-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-debuginfo-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-debuginfo-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-debuginfo-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-devel-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-devel-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-devel-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-devel-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-devel-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-devel-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-imap-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-imap-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-imap-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-imap-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-imap-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-imap-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-ldap-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-ldap-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-ldap-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-ldap-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-ldap-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-ldap-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-mysql-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-mysql-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-mysql-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-mysql-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-mysql-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-mysql-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-odbc-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-odbc-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-odbc-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-odbc-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-odbc-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-odbc-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-pgsql-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-pgsql-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-pgsql-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-pgsql-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-pgsql-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:php-pgsql-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.src as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-0:4.3.2-11.1.ent.src"
},
"product_reference": "php-0:4.3.2-11.1.ent.src",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-debuginfo-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-debuginfo-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-devel-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-devel-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-devel-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-devel-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-devel-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-devel-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-imap-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-imap-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-imap-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-imap-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-imap-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-imap-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-ldap-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-ldap-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-ldap-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-ldap-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-ldap-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-ldap-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-mysql-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-mysql-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-mysql-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-mysql-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-mysql-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-mysql-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-odbc-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-odbc-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-odbc-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-odbc-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-odbc-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-odbc-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-pgsql-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-pgsql-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-pgsql-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:php-pgsql-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.src as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-0:4.3.2-11.1.ent.src"
},
"product_reference": "php-0:4.3.2-11.1.ent.src",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-debuginfo-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-debuginfo-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-debuginfo-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-debuginfo-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-debuginfo-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-debuginfo-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-devel-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-devel-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-devel-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-devel-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-devel-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-devel-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-imap-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-imap-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-imap-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-imap-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-imap-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-imap-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-ldap-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-ldap-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-ldap-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-ldap-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-ldap-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-ldap-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-mysql-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-mysql-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-mysql-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-mysql-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-mysql-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-mysql-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-odbc-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-odbc-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-odbc-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-odbc-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-odbc-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-odbc-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-pgsql-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-pgsql-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-pgsql-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-pgsql-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-pgsql-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:php-pgsql-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.src as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-0:4.3.2-11.1.ent.src"
},
"product_reference": "php-0:4.3.2-11.1.ent.src",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-debuginfo-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-debuginfo-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-debuginfo-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-debuginfo-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-debuginfo-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-debuginfo-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-devel-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-devel-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-devel-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-devel-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-devel-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-devel-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-devel-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-imap-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-imap-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-imap-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-imap-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-imap-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-imap-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-imap-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-ldap-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-ldap-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-ldap-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-ldap-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-ldap-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-ldap-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-ldap-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-ldap-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-mysql-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-mysql-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-mysql-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-mysql-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-mysql-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mysql-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-mysql-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-mysql-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-odbc-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-odbc-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-odbc-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-odbc-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-odbc-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-odbc-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-odbc-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-odbc-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-pgsql-0:4.3.2-11.1.ent.i386"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-pgsql-0:4.3.2-11.1.ent.ia64"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-pgsql-0:4.3.2-11.1.ent.ppc"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-pgsql-0:4.3.2-11.1.ent.s390"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-pgsql-0:4.3.2-11.1.ent.s390x"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-pgsql-0:4.3.2-11.1.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:php-pgsql-0:4.3.2-11.1.ent.x86_64"
},
"product_reference": "php-pgsql-0:4.3.2-11.1.ent.x86_64",
"relates_to_product_reference": "3WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2004-0594",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617233"
}
],
"notes": [
{
"category": "description",
"text": "The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"3AS:php-0:4.3.2-11.1.ent.i386",
"3AS:php-0:4.3.2-11.1.ent.ia64",
"3AS:php-0:4.3.2-11.1.ent.ppc",
"3AS:php-0:4.3.2-11.1.ent.s390",
"3AS:php-0:4.3.2-11.1.ent.s390x",
"3AS:php-0:4.3.2-11.1.ent.src",
"3AS:php-0:4.3.2-11.1.ent.x86_64",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3AS:php-devel-0:4.3.2-11.1.ent.i386",
"3AS:php-devel-0:4.3.2-11.1.ent.ia64",
"3AS:php-devel-0:4.3.2-11.1.ent.ppc",
"3AS:php-devel-0:4.3.2-11.1.ent.s390",
"3AS:php-devel-0:4.3.2-11.1.ent.s390x",
"3AS:php-devel-0:4.3.2-11.1.ent.x86_64",
"3AS:php-imap-0:4.3.2-11.1.ent.i386",
"3AS:php-imap-0:4.3.2-11.1.ent.ia64",
"3AS:php-imap-0:4.3.2-11.1.ent.ppc",
"3AS:php-imap-0:4.3.2-11.1.ent.s390",
"3AS:php-imap-0:4.3.2-11.1.ent.s390x",
"3AS:php-imap-0:4.3.2-11.1.ent.x86_64",
"3AS:php-ldap-0:4.3.2-11.1.ent.i386",
"3AS:php-ldap-0:4.3.2-11.1.ent.ia64",
"3AS:php-ldap-0:4.3.2-11.1.ent.ppc",
"3AS:php-ldap-0:4.3.2-11.1.ent.s390",
"3AS:php-ldap-0:4.3.2-11.1.ent.s390x",
"3AS:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3AS:php-mysql-0:4.3.2-11.1.ent.i386",
"3AS:php-mysql-0:4.3.2-11.1.ent.ia64",
"3AS:php-mysql-0:4.3.2-11.1.ent.ppc",
"3AS:php-mysql-0:4.3.2-11.1.ent.s390",
"3AS:php-mysql-0:4.3.2-11.1.ent.s390x",
"3AS:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3AS:php-odbc-0:4.3.2-11.1.ent.i386",
"3AS:php-odbc-0:4.3.2-11.1.ent.ia64",
"3AS:php-odbc-0:4.3.2-11.1.ent.ppc",
"3AS:php-odbc-0:4.3.2-11.1.ent.s390",
"3AS:php-odbc-0:4.3.2-11.1.ent.s390x",
"3AS:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3AS:php-pgsql-0:4.3.2-11.1.ent.i386",
"3AS:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3AS:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3AS:php-pgsql-0:4.3.2-11.1.ent.s390",
"3AS:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3AS:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-0:4.3.2-11.1.ent.i386",
"3Desktop:php-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-0:4.3.2-11.1.ent.s390",
"3Desktop:php-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-0:4.3.2-11.1.ent.src",
"3Desktop:php-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-devel-0:4.3.2-11.1.ent.i386",
"3Desktop:php-devel-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-devel-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-devel-0:4.3.2-11.1.ent.s390",
"3Desktop:php-devel-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-devel-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-imap-0:4.3.2-11.1.ent.i386",
"3Desktop:php-imap-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-imap-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-imap-0:4.3.2-11.1.ent.s390",
"3Desktop:php-imap-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-imap-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.i386",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.s390",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.i386",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.s390",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.i386",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.s390",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.i386",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3ES:php-0:4.3.2-11.1.ent.i386",
"3ES:php-0:4.3.2-11.1.ent.ia64",
"3ES:php-0:4.3.2-11.1.ent.ppc",
"3ES:php-0:4.3.2-11.1.ent.s390",
"3ES:php-0:4.3.2-11.1.ent.s390x",
"3ES:php-0:4.3.2-11.1.ent.src",
"3ES:php-0:4.3.2-11.1.ent.x86_64",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3ES:php-devel-0:4.3.2-11.1.ent.i386",
"3ES:php-devel-0:4.3.2-11.1.ent.ia64",
"3ES:php-devel-0:4.3.2-11.1.ent.ppc",
"3ES:php-devel-0:4.3.2-11.1.ent.s390",
"3ES:php-devel-0:4.3.2-11.1.ent.s390x",
"3ES:php-devel-0:4.3.2-11.1.ent.x86_64",
"3ES:php-imap-0:4.3.2-11.1.ent.i386",
"3ES:php-imap-0:4.3.2-11.1.ent.ia64",
"3ES:php-imap-0:4.3.2-11.1.ent.ppc",
"3ES:php-imap-0:4.3.2-11.1.ent.s390",
"3ES:php-imap-0:4.3.2-11.1.ent.s390x",
"3ES:php-imap-0:4.3.2-11.1.ent.x86_64",
"3ES:php-ldap-0:4.3.2-11.1.ent.i386",
"3ES:php-ldap-0:4.3.2-11.1.ent.ia64",
"3ES:php-ldap-0:4.3.2-11.1.ent.ppc",
"3ES:php-ldap-0:4.3.2-11.1.ent.s390",
"3ES:php-ldap-0:4.3.2-11.1.ent.s390x",
"3ES:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3ES:php-mysql-0:4.3.2-11.1.ent.i386",
"3ES:php-mysql-0:4.3.2-11.1.ent.ia64",
"3ES:php-mysql-0:4.3.2-11.1.ent.ppc",
"3ES:php-mysql-0:4.3.2-11.1.ent.s390",
"3ES:php-mysql-0:4.3.2-11.1.ent.s390x",
"3ES:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3ES:php-odbc-0:4.3.2-11.1.ent.i386",
"3ES:php-odbc-0:4.3.2-11.1.ent.ia64",
"3ES:php-odbc-0:4.3.2-11.1.ent.ppc",
"3ES:php-odbc-0:4.3.2-11.1.ent.s390",
"3ES:php-odbc-0:4.3.2-11.1.ent.s390x",
"3ES:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3ES:php-pgsql-0:4.3.2-11.1.ent.i386",
"3ES:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3ES:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3ES:php-pgsql-0:4.3.2-11.1.ent.s390",
"3ES:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3ES:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3WS:php-0:4.3.2-11.1.ent.i386",
"3WS:php-0:4.3.2-11.1.ent.ia64",
"3WS:php-0:4.3.2-11.1.ent.ppc",
"3WS:php-0:4.3.2-11.1.ent.s390",
"3WS:php-0:4.3.2-11.1.ent.s390x",
"3WS:php-0:4.3.2-11.1.ent.src",
"3WS:php-0:4.3.2-11.1.ent.x86_64",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3WS:php-devel-0:4.3.2-11.1.ent.i386",
"3WS:php-devel-0:4.3.2-11.1.ent.ia64",
"3WS:php-devel-0:4.3.2-11.1.ent.ppc",
"3WS:php-devel-0:4.3.2-11.1.ent.s390",
"3WS:php-devel-0:4.3.2-11.1.ent.s390x",
"3WS:php-devel-0:4.3.2-11.1.ent.x86_64",
"3WS:php-imap-0:4.3.2-11.1.ent.i386",
"3WS:php-imap-0:4.3.2-11.1.ent.ia64",
"3WS:php-imap-0:4.3.2-11.1.ent.ppc",
"3WS:php-imap-0:4.3.2-11.1.ent.s390",
"3WS:php-imap-0:4.3.2-11.1.ent.s390x",
"3WS:php-imap-0:4.3.2-11.1.ent.x86_64",
"3WS:php-ldap-0:4.3.2-11.1.ent.i386",
"3WS:php-ldap-0:4.3.2-11.1.ent.ia64",
"3WS:php-ldap-0:4.3.2-11.1.ent.ppc",
"3WS:php-ldap-0:4.3.2-11.1.ent.s390",
"3WS:php-ldap-0:4.3.2-11.1.ent.s390x",
"3WS:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3WS:php-mysql-0:4.3.2-11.1.ent.i386",
"3WS:php-mysql-0:4.3.2-11.1.ent.ia64",
"3WS:php-mysql-0:4.3.2-11.1.ent.ppc",
"3WS:php-mysql-0:4.3.2-11.1.ent.s390",
"3WS:php-mysql-0:4.3.2-11.1.ent.s390x",
"3WS:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3WS:php-odbc-0:4.3.2-11.1.ent.i386",
"3WS:php-odbc-0:4.3.2-11.1.ent.ia64",
"3WS:php-odbc-0:4.3.2-11.1.ent.ppc",
"3WS:php-odbc-0:4.3.2-11.1.ent.s390",
"3WS:php-odbc-0:4.3.2-11.1.ent.s390x",
"3WS:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3WS:php-pgsql-0:4.3.2-11.1.ent.i386",
"3WS:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3WS:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3WS:php-pgsql-0:4.3.2-11.1.ent.s390",
"3WS:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3WS:php-pgsql-0:4.3.2-11.1.ent.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0594"
},
{
"category": "external",
"summary": "RHBZ#1617233",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617233"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0594",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0594"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0594",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0594"
}
],
"release_date": "2004-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-07-19T20:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"3AS:php-0:4.3.2-11.1.ent.i386",
"3AS:php-0:4.3.2-11.1.ent.ia64",
"3AS:php-0:4.3.2-11.1.ent.ppc",
"3AS:php-0:4.3.2-11.1.ent.s390",
"3AS:php-0:4.3.2-11.1.ent.s390x",
"3AS:php-0:4.3.2-11.1.ent.src",
"3AS:php-0:4.3.2-11.1.ent.x86_64",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3AS:php-devel-0:4.3.2-11.1.ent.i386",
"3AS:php-devel-0:4.3.2-11.1.ent.ia64",
"3AS:php-devel-0:4.3.2-11.1.ent.ppc",
"3AS:php-devel-0:4.3.2-11.1.ent.s390",
"3AS:php-devel-0:4.3.2-11.1.ent.s390x",
"3AS:php-devel-0:4.3.2-11.1.ent.x86_64",
"3AS:php-imap-0:4.3.2-11.1.ent.i386",
"3AS:php-imap-0:4.3.2-11.1.ent.ia64",
"3AS:php-imap-0:4.3.2-11.1.ent.ppc",
"3AS:php-imap-0:4.3.2-11.1.ent.s390",
"3AS:php-imap-0:4.3.2-11.1.ent.s390x",
"3AS:php-imap-0:4.3.2-11.1.ent.x86_64",
"3AS:php-ldap-0:4.3.2-11.1.ent.i386",
"3AS:php-ldap-0:4.3.2-11.1.ent.ia64",
"3AS:php-ldap-0:4.3.2-11.1.ent.ppc",
"3AS:php-ldap-0:4.3.2-11.1.ent.s390",
"3AS:php-ldap-0:4.3.2-11.1.ent.s390x",
"3AS:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3AS:php-mysql-0:4.3.2-11.1.ent.i386",
"3AS:php-mysql-0:4.3.2-11.1.ent.ia64",
"3AS:php-mysql-0:4.3.2-11.1.ent.ppc",
"3AS:php-mysql-0:4.3.2-11.1.ent.s390",
"3AS:php-mysql-0:4.3.2-11.1.ent.s390x",
"3AS:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3AS:php-odbc-0:4.3.2-11.1.ent.i386",
"3AS:php-odbc-0:4.3.2-11.1.ent.ia64",
"3AS:php-odbc-0:4.3.2-11.1.ent.ppc",
"3AS:php-odbc-0:4.3.2-11.1.ent.s390",
"3AS:php-odbc-0:4.3.2-11.1.ent.s390x",
"3AS:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3AS:php-pgsql-0:4.3.2-11.1.ent.i386",
"3AS:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3AS:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3AS:php-pgsql-0:4.3.2-11.1.ent.s390",
"3AS:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3AS:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-0:4.3.2-11.1.ent.i386",
"3Desktop:php-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-0:4.3.2-11.1.ent.s390",
"3Desktop:php-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-0:4.3.2-11.1.ent.src",
"3Desktop:php-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-devel-0:4.3.2-11.1.ent.i386",
"3Desktop:php-devel-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-devel-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-devel-0:4.3.2-11.1.ent.s390",
"3Desktop:php-devel-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-devel-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-imap-0:4.3.2-11.1.ent.i386",
"3Desktop:php-imap-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-imap-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-imap-0:4.3.2-11.1.ent.s390",
"3Desktop:php-imap-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-imap-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.i386",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.s390",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.i386",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.s390",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.i386",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.s390",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.i386",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3ES:php-0:4.3.2-11.1.ent.i386",
"3ES:php-0:4.3.2-11.1.ent.ia64",
"3ES:php-0:4.3.2-11.1.ent.ppc",
"3ES:php-0:4.3.2-11.1.ent.s390",
"3ES:php-0:4.3.2-11.1.ent.s390x",
"3ES:php-0:4.3.2-11.1.ent.src",
"3ES:php-0:4.3.2-11.1.ent.x86_64",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3ES:php-devel-0:4.3.2-11.1.ent.i386",
"3ES:php-devel-0:4.3.2-11.1.ent.ia64",
"3ES:php-devel-0:4.3.2-11.1.ent.ppc",
"3ES:php-devel-0:4.3.2-11.1.ent.s390",
"3ES:php-devel-0:4.3.2-11.1.ent.s390x",
"3ES:php-devel-0:4.3.2-11.1.ent.x86_64",
"3ES:php-imap-0:4.3.2-11.1.ent.i386",
"3ES:php-imap-0:4.3.2-11.1.ent.ia64",
"3ES:php-imap-0:4.3.2-11.1.ent.ppc",
"3ES:php-imap-0:4.3.2-11.1.ent.s390",
"3ES:php-imap-0:4.3.2-11.1.ent.s390x",
"3ES:php-imap-0:4.3.2-11.1.ent.x86_64",
"3ES:php-ldap-0:4.3.2-11.1.ent.i386",
"3ES:php-ldap-0:4.3.2-11.1.ent.ia64",
"3ES:php-ldap-0:4.3.2-11.1.ent.ppc",
"3ES:php-ldap-0:4.3.2-11.1.ent.s390",
"3ES:php-ldap-0:4.3.2-11.1.ent.s390x",
"3ES:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3ES:php-mysql-0:4.3.2-11.1.ent.i386",
"3ES:php-mysql-0:4.3.2-11.1.ent.ia64",
"3ES:php-mysql-0:4.3.2-11.1.ent.ppc",
"3ES:php-mysql-0:4.3.2-11.1.ent.s390",
"3ES:php-mysql-0:4.3.2-11.1.ent.s390x",
"3ES:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3ES:php-odbc-0:4.3.2-11.1.ent.i386",
"3ES:php-odbc-0:4.3.2-11.1.ent.ia64",
"3ES:php-odbc-0:4.3.2-11.1.ent.ppc",
"3ES:php-odbc-0:4.3.2-11.1.ent.s390",
"3ES:php-odbc-0:4.3.2-11.1.ent.s390x",
"3ES:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3ES:php-pgsql-0:4.3.2-11.1.ent.i386",
"3ES:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3ES:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3ES:php-pgsql-0:4.3.2-11.1.ent.s390",
"3ES:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3ES:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3WS:php-0:4.3.2-11.1.ent.i386",
"3WS:php-0:4.3.2-11.1.ent.ia64",
"3WS:php-0:4.3.2-11.1.ent.ppc",
"3WS:php-0:4.3.2-11.1.ent.s390",
"3WS:php-0:4.3.2-11.1.ent.s390x",
"3WS:php-0:4.3.2-11.1.ent.src",
"3WS:php-0:4.3.2-11.1.ent.x86_64",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3WS:php-devel-0:4.3.2-11.1.ent.i386",
"3WS:php-devel-0:4.3.2-11.1.ent.ia64",
"3WS:php-devel-0:4.3.2-11.1.ent.ppc",
"3WS:php-devel-0:4.3.2-11.1.ent.s390",
"3WS:php-devel-0:4.3.2-11.1.ent.s390x",
"3WS:php-devel-0:4.3.2-11.1.ent.x86_64",
"3WS:php-imap-0:4.3.2-11.1.ent.i386",
"3WS:php-imap-0:4.3.2-11.1.ent.ia64",
"3WS:php-imap-0:4.3.2-11.1.ent.ppc",
"3WS:php-imap-0:4.3.2-11.1.ent.s390",
"3WS:php-imap-0:4.3.2-11.1.ent.s390x",
"3WS:php-imap-0:4.3.2-11.1.ent.x86_64",
"3WS:php-ldap-0:4.3.2-11.1.ent.i386",
"3WS:php-ldap-0:4.3.2-11.1.ent.ia64",
"3WS:php-ldap-0:4.3.2-11.1.ent.ppc",
"3WS:php-ldap-0:4.3.2-11.1.ent.s390",
"3WS:php-ldap-0:4.3.2-11.1.ent.s390x",
"3WS:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3WS:php-mysql-0:4.3.2-11.1.ent.i386",
"3WS:php-mysql-0:4.3.2-11.1.ent.ia64",
"3WS:php-mysql-0:4.3.2-11.1.ent.ppc",
"3WS:php-mysql-0:4.3.2-11.1.ent.s390",
"3WS:php-mysql-0:4.3.2-11.1.ent.s390x",
"3WS:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3WS:php-odbc-0:4.3.2-11.1.ent.i386",
"3WS:php-odbc-0:4.3.2-11.1.ent.ia64",
"3WS:php-odbc-0:4.3.2-11.1.ent.ppc",
"3WS:php-odbc-0:4.3.2-11.1.ent.s390",
"3WS:php-odbc-0:4.3.2-11.1.ent.s390x",
"3WS:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3WS:php-pgsql-0:4.3.2-11.1.ent.i386",
"3WS:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3WS:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3WS:php-pgsql-0:4.3.2-11.1.ent.s390",
"3WS:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3WS:php-pgsql-0:4.3.2-11.1.ent.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:392"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-0595",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617234"
}
],
"notes": [
{
"category": "description",
"text": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"3AS:php-0:4.3.2-11.1.ent.i386",
"3AS:php-0:4.3.2-11.1.ent.ia64",
"3AS:php-0:4.3.2-11.1.ent.ppc",
"3AS:php-0:4.3.2-11.1.ent.s390",
"3AS:php-0:4.3.2-11.1.ent.s390x",
"3AS:php-0:4.3.2-11.1.ent.src",
"3AS:php-0:4.3.2-11.1.ent.x86_64",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3AS:php-devel-0:4.3.2-11.1.ent.i386",
"3AS:php-devel-0:4.3.2-11.1.ent.ia64",
"3AS:php-devel-0:4.3.2-11.1.ent.ppc",
"3AS:php-devel-0:4.3.2-11.1.ent.s390",
"3AS:php-devel-0:4.3.2-11.1.ent.s390x",
"3AS:php-devel-0:4.3.2-11.1.ent.x86_64",
"3AS:php-imap-0:4.3.2-11.1.ent.i386",
"3AS:php-imap-0:4.3.2-11.1.ent.ia64",
"3AS:php-imap-0:4.3.2-11.1.ent.ppc",
"3AS:php-imap-0:4.3.2-11.1.ent.s390",
"3AS:php-imap-0:4.3.2-11.1.ent.s390x",
"3AS:php-imap-0:4.3.2-11.1.ent.x86_64",
"3AS:php-ldap-0:4.3.2-11.1.ent.i386",
"3AS:php-ldap-0:4.3.2-11.1.ent.ia64",
"3AS:php-ldap-0:4.3.2-11.1.ent.ppc",
"3AS:php-ldap-0:4.3.2-11.1.ent.s390",
"3AS:php-ldap-0:4.3.2-11.1.ent.s390x",
"3AS:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3AS:php-mysql-0:4.3.2-11.1.ent.i386",
"3AS:php-mysql-0:4.3.2-11.1.ent.ia64",
"3AS:php-mysql-0:4.3.2-11.1.ent.ppc",
"3AS:php-mysql-0:4.3.2-11.1.ent.s390",
"3AS:php-mysql-0:4.3.2-11.1.ent.s390x",
"3AS:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3AS:php-odbc-0:4.3.2-11.1.ent.i386",
"3AS:php-odbc-0:4.3.2-11.1.ent.ia64",
"3AS:php-odbc-0:4.3.2-11.1.ent.ppc",
"3AS:php-odbc-0:4.3.2-11.1.ent.s390",
"3AS:php-odbc-0:4.3.2-11.1.ent.s390x",
"3AS:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3AS:php-pgsql-0:4.3.2-11.1.ent.i386",
"3AS:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3AS:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3AS:php-pgsql-0:4.3.2-11.1.ent.s390",
"3AS:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3AS:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-0:4.3.2-11.1.ent.i386",
"3Desktop:php-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-0:4.3.2-11.1.ent.s390",
"3Desktop:php-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-0:4.3.2-11.1.ent.src",
"3Desktop:php-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-devel-0:4.3.2-11.1.ent.i386",
"3Desktop:php-devel-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-devel-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-devel-0:4.3.2-11.1.ent.s390",
"3Desktop:php-devel-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-devel-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-imap-0:4.3.2-11.1.ent.i386",
"3Desktop:php-imap-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-imap-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-imap-0:4.3.2-11.1.ent.s390",
"3Desktop:php-imap-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-imap-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.i386",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.s390",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.i386",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.s390",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.i386",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.s390",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.i386",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3ES:php-0:4.3.2-11.1.ent.i386",
"3ES:php-0:4.3.2-11.1.ent.ia64",
"3ES:php-0:4.3.2-11.1.ent.ppc",
"3ES:php-0:4.3.2-11.1.ent.s390",
"3ES:php-0:4.3.2-11.1.ent.s390x",
"3ES:php-0:4.3.2-11.1.ent.src",
"3ES:php-0:4.3.2-11.1.ent.x86_64",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3ES:php-devel-0:4.3.2-11.1.ent.i386",
"3ES:php-devel-0:4.3.2-11.1.ent.ia64",
"3ES:php-devel-0:4.3.2-11.1.ent.ppc",
"3ES:php-devel-0:4.3.2-11.1.ent.s390",
"3ES:php-devel-0:4.3.2-11.1.ent.s390x",
"3ES:php-devel-0:4.3.2-11.1.ent.x86_64",
"3ES:php-imap-0:4.3.2-11.1.ent.i386",
"3ES:php-imap-0:4.3.2-11.1.ent.ia64",
"3ES:php-imap-0:4.3.2-11.1.ent.ppc",
"3ES:php-imap-0:4.3.2-11.1.ent.s390",
"3ES:php-imap-0:4.3.2-11.1.ent.s390x",
"3ES:php-imap-0:4.3.2-11.1.ent.x86_64",
"3ES:php-ldap-0:4.3.2-11.1.ent.i386",
"3ES:php-ldap-0:4.3.2-11.1.ent.ia64",
"3ES:php-ldap-0:4.3.2-11.1.ent.ppc",
"3ES:php-ldap-0:4.3.2-11.1.ent.s390",
"3ES:php-ldap-0:4.3.2-11.1.ent.s390x",
"3ES:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3ES:php-mysql-0:4.3.2-11.1.ent.i386",
"3ES:php-mysql-0:4.3.2-11.1.ent.ia64",
"3ES:php-mysql-0:4.3.2-11.1.ent.ppc",
"3ES:php-mysql-0:4.3.2-11.1.ent.s390",
"3ES:php-mysql-0:4.3.2-11.1.ent.s390x",
"3ES:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3ES:php-odbc-0:4.3.2-11.1.ent.i386",
"3ES:php-odbc-0:4.3.2-11.1.ent.ia64",
"3ES:php-odbc-0:4.3.2-11.1.ent.ppc",
"3ES:php-odbc-0:4.3.2-11.1.ent.s390",
"3ES:php-odbc-0:4.3.2-11.1.ent.s390x",
"3ES:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3ES:php-pgsql-0:4.3.2-11.1.ent.i386",
"3ES:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3ES:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3ES:php-pgsql-0:4.3.2-11.1.ent.s390",
"3ES:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3ES:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3WS:php-0:4.3.2-11.1.ent.i386",
"3WS:php-0:4.3.2-11.1.ent.ia64",
"3WS:php-0:4.3.2-11.1.ent.ppc",
"3WS:php-0:4.3.2-11.1.ent.s390",
"3WS:php-0:4.3.2-11.1.ent.s390x",
"3WS:php-0:4.3.2-11.1.ent.src",
"3WS:php-0:4.3.2-11.1.ent.x86_64",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3WS:php-devel-0:4.3.2-11.1.ent.i386",
"3WS:php-devel-0:4.3.2-11.1.ent.ia64",
"3WS:php-devel-0:4.3.2-11.1.ent.ppc",
"3WS:php-devel-0:4.3.2-11.1.ent.s390",
"3WS:php-devel-0:4.3.2-11.1.ent.s390x",
"3WS:php-devel-0:4.3.2-11.1.ent.x86_64",
"3WS:php-imap-0:4.3.2-11.1.ent.i386",
"3WS:php-imap-0:4.3.2-11.1.ent.ia64",
"3WS:php-imap-0:4.3.2-11.1.ent.ppc",
"3WS:php-imap-0:4.3.2-11.1.ent.s390",
"3WS:php-imap-0:4.3.2-11.1.ent.s390x",
"3WS:php-imap-0:4.3.2-11.1.ent.x86_64",
"3WS:php-ldap-0:4.3.2-11.1.ent.i386",
"3WS:php-ldap-0:4.3.2-11.1.ent.ia64",
"3WS:php-ldap-0:4.3.2-11.1.ent.ppc",
"3WS:php-ldap-0:4.3.2-11.1.ent.s390",
"3WS:php-ldap-0:4.3.2-11.1.ent.s390x",
"3WS:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3WS:php-mysql-0:4.3.2-11.1.ent.i386",
"3WS:php-mysql-0:4.3.2-11.1.ent.ia64",
"3WS:php-mysql-0:4.3.2-11.1.ent.ppc",
"3WS:php-mysql-0:4.3.2-11.1.ent.s390",
"3WS:php-mysql-0:4.3.2-11.1.ent.s390x",
"3WS:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3WS:php-odbc-0:4.3.2-11.1.ent.i386",
"3WS:php-odbc-0:4.3.2-11.1.ent.ia64",
"3WS:php-odbc-0:4.3.2-11.1.ent.ppc",
"3WS:php-odbc-0:4.3.2-11.1.ent.s390",
"3WS:php-odbc-0:4.3.2-11.1.ent.s390x",
"3WS:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3WS:php-pgsql-0:4.3.2-11.1.ent.i386",
"3WS:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3WS:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3WS:php-pgsql-0:4.3.2-11.1.ent.s390",
"3WS:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3WS:php-pgsql-0:4.3.2-11.1.ent.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0595"
},
{
"category": "external",
"summary": "RHBZ#1617234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0595",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0595"
}
],
"release_date": "2004-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-07-19T20:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"3AS:php-0:4.3.2-11.1.ent.i386",
"3AS:php-0:4.3.2-11.1.ent.ia64",
"3AS:php-0:4.3.2-11.1.ent.ppc",
"3AS:php-0:4.3.2-11.1.ent.s390",
"3AS:php-0:4.3.2-11.1.ent.s390x",
"3AS:php-0:4.3.2-11.1.ent.src",
"3AS:php-0:4.3.2-11.1.ent.x86_64",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3AS:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3AS:php-devel-0:4.3.2-11.1.ent.i386",
"3AS:php-devel-0:4.3.2-11.1.ent.ia64",
"3AS:php-devel-0:4.3.2-11.1.ent.ppc",
"3AS:php-devel-0:4.3.2-11.1.ent.s390",
"3AS:php-devel-0:4.3.2-11.1.ent.s390x",
"3AS:php-devel-0:4.3.2-11.1.ent.x86_64",
"3AS:php-imap-0:4.3.2-11.1.ent.i386",
"3AS:php-imap-0:4.3.2-11.1.ent.ia64",
"3AS:php-imap-0:4.3.2-11.1.ent.ppc",
"3AS:php-imap-0:4.3.2-11.1.ent.s390",
"3AS:php-imap-0:4.3.2-11.1.ent.s390x",
"3AS:php-imap-0:4.3.2-11.1.ent.x86_64",
"3AS:php-ldap-0:4.3.2-11.1.ent.i386",
"3AS:php-ldap-0:4.3.2-11.1.ent.ia64",
"3AS:php-ldap-0:4.3.2-11.1.ent.ppc",
"3AS:php-ldap-0:4.3.2-11.1.ent.s390",
"3AS:php-ldap-0:4.3.2-11.1.ent.s390x",
"3AS:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3AS:php-mysql-0:4.3.2-11.1.ent.i386",
"3AS:php-mysql-0:4.3.2-11.1.ent.ia64",
"3AS:php-mysql-0:4.3.2-11.1.ent.ppc",
"3AS:php-mysql-0:4.3.2-11.1.ent.s390",
"3AS:php-mysql-0:4.3.2-11.1.ent.s390x",
"3AS:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3AS:php-odbc-0:4.3.2-11.1.ent.i386",
"3AS:php-odbc-0:4.3.2-11.1.ent.ia64",
"3AS:php-odbc-0:4.3.2-11.1.ent.ppc",
"3AS:php-odbc-0:4.3.2-11.1.ent.s390",
"3AS:php-odbc-0:4.3.2-11.1.ent.s390x",
"3AS:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3AS:php-pgsql-0:4.3.2-11.1.ent.i386",
"3AS:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3AS:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3AS:php-pgsql-0:4.3.2-11.1.ent.s390",
"3AS:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3AS:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-0:4.3.2-11.1.ent.i386",
"3Desktop:php-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-0:4.3.2-11.1.ent.s390",
"3Desktop:php-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-0:4.3.2-11.1.ent.src",
"3Desktop:php-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-devel-0:4.3.2-11.1.ent.i386",
"3Desktop:php-devel-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-devel-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-devel-0:4.3.2-11.1.ent.s390",
"3Desktop:php-devel-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-devel-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-imap-0:4.3.2-11.1.ent.i386",
"3Desktop:php-imap-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-imap-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-imap-0:4.3.2-11.1.ent.s390",
"3Desktop:php-imap-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-imap-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.i386",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.s390",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.i386",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.s390",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.i386",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.s390",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.i386",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3Desktop:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3ES:php-0:4.3.2-11.1.ent.i386",
"3ES:php-0:4.3.2-11.1.ent.ia64",
"3ES:php-0:4.3.2-11.1.ent.ppc",
"3ES:php-0:4.3.2-11.1.ent.s390",
"3ES:php-0:4.3.2-11.1.ent.s390x",
"3ES:php-0:4.3.2-11.1.ent.src",
"3ES:php-0:4.3.2-11.1.ent.x86_64",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3ES:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3ES:php-devel-0:4.3.2-11.1.ent.i386",
"3ES:php-devel-0:4.3.2-11.1.ent.ia64",
"3ES:php-devel-0:4.3.2-11.1.ent.ppc",
"3ES:php-devel-0:4.3.2-11.1.ent.s390",
"3ES:php-devel-0:4.3.2-11.1.ent.s390x",
"3ES:php-devel-0:4.3.2-11.1.ent.x86_64",
"3ES:php-imap-0:4.3.2-11.1.ent.i386",
"3ES:php-imap-0:4.3.2-11.1.ent.ia64",
"3ES:php-imap-0:4.3.2-11.1.ent.ppc",
"3ES:php-imap-0:4.3.2-11.1.ent.s390",
"3ES:php-imap-0:4.3.2-11.1.ent.s390x",
"3ES:php-imap-0:4.3.2-11.1.ent.x86_64",
"3ES:php-ldap-0:4.3.2-11.1.ent.i386",
"3ES:php-ldap-0:4.3.2-11.1.ent.ia64",
"3ES:php-ldap-0:4.3.2-11.1.ent.ppc",
"3ES:php-ldap-0:4.3.2-11.1.ent.s390",
"3ES:php-ldap-0:4.3.2-11.1.ent.s390x",
"3ES:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3ES:php-mysql-0:4.3.2-11.1.ent.i386",
"3ES:php-mysql-0:4.3.2-11.1.ent.ia64",
"3ES:php-mysql-0:4.3.2-11.1.ent.ppc",
"3ES:php-mysql-0:4.3.2-11.1.ent.s390",
"3ES:php-mysql-0:4.3.2-11.1.ent.s390x",
"3ES:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3ES:php-odbc-0:4.3.2-11.1.ent.i386",
"3ES:php-odbc-0:4.3.2-11.1.ent.ia64",
"3ES:php-odbc-0:4.3.2-11.1.ent.ppc",
"3ES:php-odbc-0:4.3.2-11.1.ent.s390",
"3ES:php-odbc-0:4.3.2-11.1.ent.s390x",
"3ES:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3ES:php-pgsql-0:4.3.2-11.1.ent.i386",
"3ES:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3ES:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3ES:php-pgsql-0:4.3.2-11.1.ent.s390",
"3ES:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3ES:php-pgsql-0:4.3.2-11.1.ent.x86_64",
"3WS:php-0:4.3.2-11.1.ent.i386",
"3WS:php-0:4.3.2-11.1.ent.ia64",
"3WS:php-0:4.3.2-11.1.ent.ppc",
"3WS:php-0:4.3.2-11.1.ent.s390",
"3WS:php-0:4.3.2-11.1.ent.s390x",
"3WS:php-0:4.3.2-11.1.ent.src",
"3WS:php-0:4.3.2-11.1.ent.x86_64",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.i386",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.ia64",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.ppc",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.s390",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.s390x",
"3WS:php-debuginfo-0:4.3.2-11.1.ent.x86_64",
"3WS:php-devel-0:4.3.2-11.1.ent.i386",
"3WS:php-devel-0:4.3.2-11.1.ent.ia64",
"3WS:php-devel-0:4.3.2-11.1.ent.ppc",
"3WS:php-devel-0:4.3.2-11.1.ent.s390",
"3WS:php-devel-0:4.3.2-11.1.ent.s390x",
"3WS:php-devel-0:4.3.2-11.1.ent.x86_64",
"3WS:php-imap-0:4.3.2-11.1.ent.i386",
"3WS:php-imap-0:4.3.2-11.1.ent.ia64",
"3WS:php-imap-0:4.3.2-11.1.ent.ppc",
"3WS:php-imap-0:4.3.2-11.1.ent.s390",
"3WS:php-imap-0:4.3.2-11.1.ent.s390x",
"3WS:php-imap-0:4.3.2-11.1.ent.x86_64",
"3WS:php-ldap-0:4.3.2-11.1.ent.i386",
"3WS:php-ldap-0:4.3.2-11.1.ent.ia64",
"3WS:php-ldap-0:4.3.2-11.1.ent.ppc",
"3WS:php-ldap-0:4.3.2-11.1.ent.s390",
"3WS:php-ldap-0:4.3.2-11.1.ent.s390x",
"3WS:php-ldap-0:4.3.2-11.1.ent.x86_64",
"3WS:php-mysql-0:4.3.2-11.1.ent.i386",
"3WS:php-mysql-0:4.3.2-11.1.ent.ia64",
"3WS:php-mysql-0:4.3.2-11.1.ent.ppc",
"3WS:php-mysql-0:4.3.2-11.1.ent.s390",
"3WS:php-mysql-0:4.3.2-11.1.ent.s390x",
"3WS:php-mysql-0:4.3.2-11.1.ent.x86_64",
"3WS:php-odbc-0:4.3.2-11.1.ent.i386",
"3WS:php-odbc-0:4.3.2-11.1.ent.ia64",
"3WS:php-odbc-0:4.3.2-11.1.ent.ppc",
"3WS:php-odbc-0:4.3.2-11.1.ent.s390",
"3WS:php-odbc-0:4.3.2-11.1.ent.s390x",
"3WS:php-odbc-0:4.3.2-11.1.ent.x86_64",
"3WS:php-pgsql-0:4.3.2-11.1.ent.i386",
"3WS:php-pgsql-0:4.3.2-11.1.ent.ia64",
"3WS:php-pgsql-0:4.3.2-11.1.ent.ppc",
"3WS:php-pgsql-0:4.3.2-11.1.ent.s390",
"3WS:php-pgsql-0:4.3.2-11.1.ent.s390x",
"3WS:php-pgsql-0:4.3.2-11.1.ent.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:392"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
}
]
}
rhsa-2004_395
Vulnerability from csaf_redhat
Published
2004-07-19 15:24
Modified
2024-11-14 10:03
Summary
Red Hat Security Advisory: php security update
Notes
Topic
Updated php packages that fix various security issues are now available.
Details
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP server.
Stefan Esser discovered a flaw when memory_limit configuration setting is
enabled in versions of PHP 4 before 4.3.8. If a remote attacker could
force the PHP interpreter to allocate more memory than the memory_limit
setting before script execution begins, then the attacker may be
able to supply the contents of a PHP hash table remotely. This hash table
could then be used to execute arbitrary code as the 'apache' user. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0594 to this issue.
This issue may be exploitable if using the default PHP configuration with
the "register_globals" setting of "On". The Apache memory exhaustion bug,
fixed in a previous update to Red Hat Enterprise Linux 3, may also allow
this PHP issue to be exploited; this Apache bug does not affect Red Hat
Enterprise Linux 2.1.
Stefan Esser discovered a flaw in the strip_tags function in versions of
PHP before 4.3.8. The strip_tags function is commonly used by PHP scripts
to prevent Cross-Site-Scripting attacks by removing HTML tags from
user-supplied form data. By embedding NUL bytes into form data, HTML tags
can in some cases be passed intact through the strip_tags function, which
may allow a Cross-Site-Scripting attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0595 to
this issue.
All users of PHP are advised to upgrade to these updated packages, which
contain backported patches that address these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated php packages that fix various security issues are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP server.\n\nStefan Esser discovered a flaw when memory_limit configuration setting is\nenabled in versions of PHP 4 before 4.3.8. If a remote attacker could\nforce the PHP interpreter to allocate more memory than the memory_limit\nsetting before script execution begins, then the attacker may be\nable to supply the contents of a PHP hash table remotely. This hash table\ncould then be used to execute arbitrary code as the \u0027apache\u0027 user. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0594 to this issue.\n\nThis issue may be exploitable if using the default PHP configuration with\nthe \"register_globals\" setting of \"On\". The Apache memory exhaustion bug,\nfixed in a previous update to Red Hat Enterprise Linux 3, may also allow\nthis PHP issue to be exploited; this Apache bug does not affect Red Hat\nEnterprise Linux 2.1.\n\nStefan Esser discovered a flaw in the strip_tags function in versions of\nPHP before 4.3.8. The strip_tags function is commonly used by PHP scripts\nto prevent Cross-Site-Scripting attacks by removing HTML tags from\nuser-supplied form data. By embedding NUL bytes into form data, HTML tags\ncan in some cases be passed intact through the strip_tags function, which\nmay allow a Cross-Site-Scripting attack. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2004-0595 to\nthis issue.\n\nAll users of PHP are advised to upgrade to these updated packages, which\ncontain backported patches that address these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2004:395",
"url": "https://access.redhat.com/errata/RHSA-2004:395"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "127642",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=127642"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2004/rhsa-2004_395.json"
}
],
"title": "Red Hat Security Advisory: php security update",
"tracking": {
"current_release_date": "2024-11-14T10:03:24+00:00",
"generator": {
"date": "2024-11-14T10:03:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2004:395",
"initial_release_date": "2004-07-19T15:24:00+00:00",
"revision_history": [
{
"date": "2004-07-19T15:24:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2004-07-19T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T10:03:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product": {
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Linux Advanced Workstation 2.1",
"product": {
"name": "Red Hat Linux Advanced Workstation 2.1",
"product_id": "Red Hat Linux Advanced Workstation 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 2.1",
"product": {
"name": "Red Hat Enterprise Linux ES version 2.1",
"product_id": "Red Hat Enterprise Linux ES version 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 2.1",
"product": {
"name": "Red Hat Enterprise Linux WS version 2.1",
"product_id": "Red Hat Enterprise Linux WS version 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2004-0594",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617233"
}
],
"notes": [
{
"category": "description",
"text": "The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0594"
},
{
"category": "external",
"summary": "RHBZ#1617233",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617233"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0594",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0594"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0594",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0594"
}
],
"release_date": "2004-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-07-19T15:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:395"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-0595",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617234"
}
],
"notes": [
{
"category": "description",
"text": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0595"
},
{
"category": "external",
"summary": "RHBZ#1617234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0595",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0595"
}
],
"release_date": "2004-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-07-19T15:24:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:395"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
}
]
}
gsd-2004-0595
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2004-0595",
"description": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.",
"id": "GSD-2004-0595",
"references": [
"https://www.suse.com/security/cve/CVE-2004-0595.html",
"https://www.debian.org/security/2005/dsa-669",
"https://www.debian.org/security/2004/dsa-531",
"https://access.redhat.com/errata/RHSA-2005:816",
"https://access.redhat.com/errata/RHSA-2004:405",
"https://access.redhat.com/errata/RHSA-2004:395",
"https://access.redhat.com/errata/RHSA-2004:392"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2004-0595"
],
"details": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.",
"id": "GSD-2004-0595",
"modified": "2023-12-13T01:22:54.374478Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0595",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2004:847",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "oval:org.mitre.oval:def:10619",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
},
{
"name": "RHSA-2004:395",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "RHSA-2004:392",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "php-strip-tag-bypass(16692)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"name": "RHSA-2005:816",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10724",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10724"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"name": "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0595"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10724",
"refsource": "BID",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10724"
},
{
"name": "DSA-531",
"refsource": "DEBIAN",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability",
"refsource": "FULLDISC",
"tags": [],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
},
{
"name": "DSA-669",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "MDKSA-2004:068",
"refsource": "MANDRAKE",
"tags": [],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "RHSA-2004:392",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "RHSA-2004:395",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "SUSE-SA:2004:021",
"refsource": "SUSE",
"tags": [],
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "GLSA-200407-13",
"refsource": "GENTOO",
"tags": [],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"name": "CLA-2004:847",
"refsource": "CONECTIVA",
"tags": [],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "RHSA-2005:816",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "SSRT4777",
"refsource": "HP",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "20040714 TSSA-2004-013 - php",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "php-strip-tag-bypass(16692)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"name": "oval:org.mitre.oval:def:10619",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-30T16:25Z",
"publishedDate": "2004-07-27T04:00Z"
}
}
}
ghsa-h8wj-59vf-r37g
Vulnerability from github
Published
2022-04-29 02:58
Modified
2022-04-29 02:58
Details
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
{
"affected": [],
"aliases": [
"CVE-2004-0595"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2004-07-27T04:00:00Z",
"severity": "MODERATE"
},
"details": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.",
"id": "GHSA-h8wj-59vf-r37g",
"modified": "2022-04-29T02:58:01Z",
"published": "2022-04-29T02:58:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0595"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
},
{
"type": "WEB",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"type": "WEB",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"type": "WEB",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"type": "WEB",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"type": "WEB",
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/10724"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.