CVE-2002-1783

Name of the Vulnerable Software and Affected Versions PHP versions 4.2.1 through 4.2.3

Description The issue allows remote attackers to modify HTTP headers for outgoing requests by injecting CRLF sequences into arguments passed to the (1) fopen or (2) file functions when allow url fopen is enabled.

Recommendations For PHP versions 4.2.1 through 4.2.3, consider disabling the allow url fopen option as a temporary workaround to minimize the risk of exploitation.