PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Php | Php | 4.0 (including) | 4.0 (including) |
Php | Php | 4.0.1 (including) | 4.0.1 (including) |
Php | Php | 4.0.3 (including) | 4.0.3 (including) |
Php | Php | 4.0.4 (including) | 4.0.4 (including) |