Lucene search
PRIOn knowledge basePRION:CVE-2007-0448HistoryMay 24, 2007 - 6:30 p.m.
Design/Logic Flaw
2007-05-2418:30:00
PRIOn knowledge base
www.prio-n.com
2
6.7 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.011 Low
EPSS
Percentile
84.4%
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI.
Related
securityvulns
securityvulns
PHP Safe Mod protection bypass
2007-01-28 00:00:00
[Full-disclosure] PHP 5.2.0 safe_mode bypass (by Writing Mode)
2007-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2007-0448
2007-05-24 00:00:00
redhatcve
redhatcve
CVE-2007-0448
2015-10-30 09:34:55
cve
cve
CVE-2007-0448
2007-05-24 18:30:00
openvas
openvas
PHP < 5.2.0 Multiple Vulnerabilities
2020-08-17 00:00:00
PHP < 5.2.0 Multiple Vulnerabilities
2012-06-21 00:00:00
nessus
nessus
PHP 5.x < 5.2 Multiple Vulnerabilities
2008-03-25 00:00:00
6.7 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.011 Low
EPSS
Percentile
84.4%
Related for PRION:CVE-2007-0448