Showing 1 - 1 of 1

CVE-2004-1064

Status Candidate

Overview

The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.

Related Files

012004.txt: Posted Dec 30, 2004; Authored by Stefan Esser | Site hardened-php.net; Hardened-PHP Project Security Advisory - Several vulnerabilities within PHP allow local and remote execution of arbitrary code. PHP4 versions 4.3.9 and below and PHP5 version 5.0.2 and below are affected.; tags | advisory, remote, arbitrary, local, php, vulnerability; advisories | CVE-2004-1018, CVE-2004-1019, CVE-2004-1063, CVE-2004-1064; SHA-256 | ed1ef90ff012b77b27997a86a514190dac77644dc99eaeeab47035e716b3d0cf; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 312 files
Ubuntu 65 files
Debian 25 files
LiquidWorm 11 files
Valentin Lobstein 10 files
nu11secur1ty 8 files
Milad Karimi 6 files
Google Security Research 5 files
Erdemstar 3 files
Jann Horn 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,025)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,477)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,700)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,478)
UNIX (9,394)
UnixWare (187)
Windows (6,653)
Other

CVE-2004-1064

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems