It indicates a possible Format string vulnerability in PHP based application.
A format string vulnerability is reported in PHP code that handles error logging. An attacker can craft a string containing malicious format and pass it to logging functions syslog() and vsnprintf() as part of error log. As a result of this an attacker can write arbitrary data to the system and gain access to the system with privilege of web server.
PHP 3.0 and 4.0.
Gain access to the system.
Apply appropriate patch or upgrade to PHP 4.0.3 or higher.