Vulnerability in Php
CVE-2007-0905
PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.
EPSS: 0.025 (82.3th percentile) — read the EPSS interpretation.
Affected products
- Php — versions 3.0, 3.0.1, 3.0.2
- Trustix Secure_linux — versions 2.2, 3.0
- N/a — versions n/a
References
- cve@mitre.org (vendor-advisory, x_refsource_TRUSTIX)
- cve@mitre.org (vendor-advisory, x_refsource_OPENPKG)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)