[原文]The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
PHP contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when mod_php is used with Apache and the PHP engine is disabled for a given VirtualHost. This may inadvertantly disable the engine for other VirtualHosts and cause Apache to serve PHP source code to clients resulting in a loss of confidentiality.
Upgrade to version 4.0.4pl1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.