CVE Reference: CVE-2005-3391

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2005-3391

Description:
Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntulinux.org/usn/usn-232-1/document_view

SUSE
  http://www.securityfocus.com/archive/1/archive/1/419504/100/0/threaded

SREASON
  http://securityreason.com/securityalert/525

SAID
  Secunia Advisory: SA17371
  Secunia Advisory: SA18054
  Secunia Advisory: SA18763
  Secunia Advisory: SA18198
  Secunia Advisory: SA19064
  Secunia Advisory: SA17510
  Secunia Advisory: SA22691

OSVDB
  20898

OPENPKG
  http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html

MANDRIVA
  http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:035

HP
  http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml

CONFIRM
  http://docs.info.apple.com/article.html?artnum=303382
  http://www.php.net/release_4_4_1.php

CERT
  http://www.us-cert.gov/cas/techalerts/TA06-062A.html

BID
  15411
  16907

APPLE
  http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html


Return to the previous page.