Lucene search

PRIOn knowledge basePRION:CVE-2007-4652

HistorySep 04, 2007 - 7:17 p.m.

Design/Logic Flaw

2007-09-0419:17:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.3%

The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.

CPENameOperatorVersion
phpeq4.3.9
phpeq4.4.9
phpeq3.0
phpeq4.0 beta1
phpeq3.0.5
phpeq3.0.11
phpeq5.1.5
phpeq5.1.2
phpeq4.0 beta4
phpeq4.2.0

Name	Operator	Version
php	eq	4.3.9
php	eq	4.4.9
php	eq	3.0
php	eq	4.0 beta1
php	eq	3.0.5
php	eq	3.0.11
php	eq	5.1.5
php	eq	5.1.2
php	eq	4.0 beta4
php	eq	4.2.0

Rows per page:

1-10 of 881

References

secunia.com/advisories/26642

secunia.com/advisories/26822

secunia.com/advisories/26838

secunia.com/advisories/27102

secunia.com/advisories/27377

www.gentoo.org/security/en/glsa/glsa-200710-02.xml

www.php.net/ChangeLog-5.php

www.php.net/releases/5_2_4.php

www.trustix.org/errata/2007/0026/

www.vupen.com/english/advisories/2007/3023

exchange.xforce.ibmcloud.com/vulnerabilities/36387

issues.rpath.com/browse/RPL-1693

issues.rpath.com/browse/RPL-1702