3 matches found
SUSE CVE-2007-1835
PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...
CVE-2007-1835
PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...
CVE-2007-1835
The CVE-2007-1835 issue affects PHP 4 before 4.4.5 and PHP 5 before 5.2.1. When session.save_path is empty, PHP uses the TMPDIR default after performing restrictions, which can allow local users to bypass open_basedir protections. The description explicitly ties the bypass to temporary directory ...