PT-2006-6182 · Php+1 · Php+1

Stefan Esser

Published

2006-11-03

Updated

2018-10-30

CVE-2006-5465

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.2.0

Description The issue allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.

Recommendations For PHP versions prior to 5.2.0, update to version 5.2.0 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5465

DSA-1206-1

RHSA-2006:0730

RHSA-2006:0731

RHSA-2006_0730

Affected Products

Php

Red Hat

PT-2006-6182 · Php+1 · Php+1

CVE-2006-5465

Related Identifiers

Affected Products

References · 54