Lucene search
Ubuntu.comUB:CVE-2007-3007HistoryJun 04, 2007 - 12:00 a.m.
CVE-2007-3007
2007-06-0400:00:00
ubuntu.com
ubuntu.com
10
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.007 Low
EPSS
Percentile
79.2%
PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode
restriction in certain cases, which allows context-dependent attackers to
determine the existence of arbitrary files by checking if the readfile
function returns a string. NOTE: this issue might also involve the
realpath function.
Notes
| Author | Note |
|---|---|
| kees | basedir bypass |
Related
prion
prion
Design/Logic Flaw
2007-06-04 17:30:00
cve
cve
CVE-2007-3007
2007-06-04 17:30:00
openvas
openvas
PHP < 5.2.3 Multiple Vulnerabilities
2012-06-21 00:00:00
PHP < 5.2.3 Multiple Vulnerabilities
2020-08-17 00:00:00
Fedora Update for php FEDORA-2007-2215
2009-02-27 00:00:00
nessus
nessus
PHP < 5.2.3 Multiple Vulnerabilities
2007-06-02 00:00:00
Fedora 7 : php-5.2.4-1.fc7 (2007-2215)
2007-11-06 00:00:00
openSUSE 10 Security Update : php5 (php5-3753)
2007-10-17 00:00:00
suse
suse
remote denial of service in php4,php5
2007-07-12 16:26:43
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-10-07 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.007 Low
EPSS
Percentile
79.2%
Related for UB:CVE-2007-3007