CVE Reference: CVE-2003-0863

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2003-0863

Description:
The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.

CVE Status:
Candidate

References:

BUGTRAQ
  http://marc.theaimsgroup.com/?l=bugtraq&m=105839111204227


Return to the previous page.