In a posting from the fine folks at PHP Magazine:

In this weeks Security Alerts (an overview of recent Unix and open source security advisories), Noel davis looks at problems in PHP, Perl, the GNU C Library, OpenBSD, FreeBSD, NetBSD, Oracle9i, RealOne, RealPlayer, CVSup, gaim, GNU libtool, and mailman.

"It has been reported that, under some conditions, PHP can leak the contents of variables from one virtual host to another virtual host on the same machine. According to the report, one of the conditions is that the variable register_globals = on must be set in the system php.ini file and that some virtual hosts have register_globals = off in their .htaccess configuration file.

Affected users should watch their vendors for an updated version of PHP. It is also suggested that for systems with virtual hosts register_globals be set to off in the system php.ini file unless there is a known reason to have it set to on."

Of course, it would be a register_globals issue - but I know all of you out there have it set to "off", right?