PHP Security Advisory – PHP 4.3.0 contains a bug that allows direct access to the PHP binary via the CGI SAPI which allows remote attackers to trick the server into executing arbitrary PHP code. PHP 4.3.1 fixes the vulnerability.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/30833/php.cgi.txt
Source: https://packetstormsecurity.com/files/30833/php.cgi.txt.html