CVE-2006-0208
Publication date 13 January 2006
Last updated 24 July 2024
Ubuntu priority
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.
Status
Package | Ubuntu Release | Status |
---|---|---|
php4 | 7.04 feisty | Not in release |
6.10 edgy |
Fixed 4.4.2-1build1
|
|
6.06 LTS dapper |
Fixed 4.4.2-1build1
|
|
php5 | 7.04 feisty |
Fixed 5.2.1-0ubuntu1.4
|
6.10 edgy |
Fixed 5.1.6-1ubuntu2.6
|
|
6.06 LTS dapper |
Fixed 5.1.2-1ubuntu3.9
|