Lucene search
Ubuntu.comUB:CVE-2007-0448HistoryMay 24, 2007 - 12:00 a.m.
CVE-2007-0448
2007-05-2400:00:00
ubuntu.com
ubuntu.com
9
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.011 Low
EPSS
Percentile
84.6%
The fopen function in PHP 5.2.0 does not properly handle invalid URI
handlers, which allows context-dependent attackers to bypass safe_mode
restrictions and read arbitrary files via a file path specified with an
invalid URI, as demonstrated via the srpath URI.
Related
prion
prion
Design/Logic Flaw
2007-05-24 18:30:00
securityvulns
securityvulns
PHP Safe Mod protection bypass
2007-01-28 00:00:00
[Full-disclosure] PHP 5.2.0 safe_mode bypass (by Writing Mode)
2007-01-28 00:00:00
redhatcve
redhatcve
CVE-2007-0448
2015-10-30 09:34:55
cve
cve
CVE-2007-0448
2007-05-24 18:30:00
openvas
openvas
PHP < 5.2.0 Multiple Vulnerabilities
2020-08-17 00:00:00
PHP < 5.2.0 Multiple Vulnerabilities
2012-06-21 00:00:00
nessus
nessus
PHP 5.x < 5.2 Multiple Vulnerabilities
2008-03-25 00:00:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.011 Low
EPSS
Percentile
84.6%
Related for UB:CVE-2007-0448