Php · Php · CVE-2008-0599
**Name of the Vulnerable Software and Affected Versions**
PHP versions prior to 5.2.6
**Description**
The issue arises from the init request info function in sapi/cgi/cgi main.c, which does not properly consider operator precedence when calculating the length of PATH TRANSLATED. This might allow remote attackers to execute arbitrary code via a crafted URI.
**Recommendations**
For versions prior to 5.2.6, update to version 5.2.6 or later to resolve the issue.