Lucene search
Redhat.comRH:CVE-2007-1835HistoryOct 30, 2015 - 9:26 a.m.
CVE-2007-1835
2015-10-3009:26:30
redhat.com
access.redhat.com
3
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.1 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.8%
PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions.
Related
ubuntucve
ubuntucve
CVE-2007-1835
2007-04-03 00:00:00
cvelist
cvelist
CVE-2007-1835
2007-04-03 00:00:00
cve
cve
CVE-2007-1835
2007-04-03 00:19:00
securityvulns
securityvulns
PHP session.save_path open_basedir protection bypass
2007-03-31 00:00:00
prion
prion
Design/Logic Flaw
2007-04-03 00:19:00
nvd
nvd
CVE-2007-1835
2007-04-03 00:19:00
openvas
openvas
PHP < 4.4.5 Multiple Vulnerabilities
2012-06-21 00:00:00
PHP < 4.4.5 Multiple Vulnerabilities
2020-08-17 00:00:00
PHP < 5.2.1 Multiple Vulnerabilities
2012-06-21 00:00:00
nessus
nessus
PHP < 4.4.5 Multiple Vulnerabilities
2007-04-02 00:00:00
PHP < 5.2.1 Multiple Vulnerabilities
2007-04-02 00:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.1 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.8%
Related for RH:CVE-2007-1835