[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-3392Date: (C)2005-11-01   (M)2023-12-22


Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-15413
BID-16907
SECUNIA-17371
SECUNIA-17510
SECUNIA-18054
SECUNIA-18198
SECUNIA-19064
OSVDB-20897
SECUNIA-22691
SREASON-525
ADV-2005-2254
ADV-2006-0791
ADV-2006-4320
APPLE-SA-2006-03-01
GLSA-200511-08
SSRT061238
SUSE-SA:2005:069
TA06-062A
USN-232-1
http://docs.info.apple.com/article.html?artnum=303382
http://www.php.net/release_4_4_1.php
php-virtual-bypass-security(22924)

CPE    47
cpe:/a:php:php:3.0
cpe:/a:php:php:4.3.10
cpe:/a:php:php:4.3.11
cpe:/a:php:php:4.3.4
...

© SecPod Technologies