2006-06-15 01:02:00 2018-10-30 17:25:35

zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
PHP PHP 5.1.2 PHP PHP 5.1.1 PHP PHP 5.1.0 PHP PHP 5.0.5 PHP PHP 5.0.4 PHP PHP 5.0.3 PHP PHP 5.0.2 PHP PHP 5.0.1 PHP PHP 5.0.0 RC1 PHP PHP 5.0.0 RC3 PHP PHP 5.0.0 RC2 PHP PHP 5.0.0 Beta4 PHP PHP 5.0.0 Beta3 PHP PHP 5.0.0 Beta2 PHP PHP 5.0.0 Beta1 PHP PHP 5.0.0 Php Php 5.0 Rc3 (not an official CPE) Php Php 5.0 Rc2 (not an official CPE) Php Php 5.0 Rc1 (not an official CPE) PHP PHP 4.4.2 PHP PHP 4.4.1 PHP PHP 4.4.0 PHP PHP 4.3.11 PHP PHP 4.3.10 PHP PHP 4.3.9 PHP PHP 4.3.8 PHP PHP 4.3.7 PHP PHP 4.3.6 PHP PHP 4.3.5 PHP PHP 4.3.4 PHP PHP 4.3.3 PHP PHP 4.3.2 PHP PHP 4.3.1 PHP PHP 4.3.0 PHP PHP 4.2.3 PHP PHP 4.2.2 PHP PHP 4.2.1 PHP PHP 4.2.0 Php Php 4.2 Dev (not an official CPE) PHP PHP 4.1.2 PHP PHP 4.1.1 PHP PHP 4.1.0 Php Php 4.0.7 Rc3 (not an official CPE) Php Php 4.0.7 Rc2 (not an official CPE) Php Php 4.0.7 Rc1 (not an official CPE) PHP PHP 4.0.7 PHP PHP 4.0.6 PHP PHP 4.0.5 Php Php 4.0.4 Patch1 (not an official CPE) PHP PHP 4.0.4 Php Php 4.0.3 Patch1 (not an official CPE) PHP PHP 4.0.3 PHP PHP 4.0.2 Php Php 4.0.1 Patch2 (not an official CPE) Php Php 4.0.1 Patch1 (not an official CPE) PHP PHP 4.0.1 PHP PHP 4.0.0 Php Php 4.0 Rc2 (not an official CPE) Php Php 4.0 Rc1 (not an official CPE) PHP PHP 4.0 Beta 3 PHP PHP 4.0 Beta 4 PHP PHP 4.0 Beta 4 Patch Level 1 PHP PHP 4.0 Beta 2 PHP PHP 4.0 Beta 1 Php Php 4.0 (not an official CPE) PHP PHP 3.0.18 PHP PHP 3.0.17 PHP PHP 3.0.16 PHP PHP 3.0.15 PHP PHP 3.0.14 PHP PHP 3.0.13 PHP PHP 3.0.12 PHP PHP 3.0.11 PHP PHP 3.0.10 PHP PHP 3.0.9 PHP PHP 3.0.8 PHP PHP 3.0.7 PHP PHP 3.0.6 PHP PHP 3.0.5 PHP PHP 3.0.4 PHP PHP 3.0.3 PHP PHP 3.0.2 PHP PHP 3.0.1 PHP PHP 3.0 Php Php Pl1 (not an official CPE)