CVE-2002-0121

PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.

Published : 2002-03-25 05:00 Updated : 2008-09-11 00:00

2.1
CVSS Score More info
Score 2.1 / 10
2.1
Vendor Product Version URI
Php Php 4.0.5 cpe:/a:php:php:4.0.5
Php Php 4.0.4 cpe:/a:php:php:4.0.4
Php Php 4.0.6 cpe:/a:php:php:4.0.6
Php Php 4.1.0 cpe:/a:php:php:4.1.0
Php Php 4.1.2 cpe:/a:php:php:4.1.2
  1. Php (1) Search CVE
    1. Php (5) Search CVE
      1. 4.0.5
      2. 4.0.4
      3. 4.0.6
      4. 4.1.0
      5. 4.1.2

CWE

There is no CWE for this CVE.

History of changes

Date Event
2002-03-25 05:00

New CVE