4 matches found
PHP多个安全漏洞.
PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP中存在多个安全漏洞,具体如下: 1 fileexists、imapopen和imapreopen函数中缺少safemode和openbasedir验证; 2 在64位系统上strrepeat和wordwrap函数存在边界错误; 3 可通过cURL扩展和realpath缓存绕过openbasedir和safemode保护机制; 4 GD扩展处理畸形GIF图形时存在边界条件错误; 5 stripos函数中的错误可能导致界外内存读取; 6 64位系统上存在错误的memorylimit限制。...
CVE-2006-4483
The cURL extension files 1 ext/curl/interface.c and 2 ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPTFOLLOWLOCATION option when openbasedir or safemode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache...
CVE-2006-4483
The cURL extension files 1 ext/curl/interface.c and 2 ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPTFOLLOWLOCATION option when openbasedir or safemode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache...
CVE-2006-4483
The cURL extension files 1 ext/curl/interface.c and 2 ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPTFOLLOWLOCATION option when openbasedir or safemode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache...