CVE-2007-4652 - CVE Reference - Advisories

CVE Reference: CVE-2007-4652

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-4652

Description: The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/36387 TRUSTIX http://www.trustix.org/errata/2007/0026/ SAID Secunia Advisory: SA26642 Secunia Advisory: SA26822 Secunia Advisory: SA26838 Secunia Advisory: SA27377 Secunia Advisory: SA27102 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml CONFIRM http://www.php.net/releases/5_2_4.php http://www.php.net/ChangeLog-5.php#5.2.4

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Red Hat update for vsftpd

2.	Red Hat update for rdesktop

3.	Red Hat update for rdesktop

4.	Red Hat update for coreutils

5.	Red Hat update for kernel

6.	Red Hat update for nss_ldap

7.	Red Hat update for mysql

8.	Atom PhotoBlog "photoId" SQL Injection Vulnerability

9.	OpenBSD BIND Query Port DNS Cache Poisoning

10.	Red Hat update for kernel