Showing 1 - 2 of 2

CVE-2012-3365

Status Candidate

Overview

The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.

Gentoo Linux Security Advisory 201209-03: Posted Sep 24, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201209-3 - Multiple vulnerabilities were found in PHP, the worst of which lead to remote execution of arbitrary code. Versions less than 5.3.15 are affected.; tags | advisory, remote, arbitrary, php, vulnerability; systems | linux, gentoo; advisories | CVE-2011-1398, CVE-2011-3379, CVE-2011-4566, CVE-2011-4885, CVE-2012-0057, CVE-2012-0788, CVE-2012-0789, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2335, CVE-2012-2336, CVE-2012-2386, CVE-2012-2688, CVE-2012-3365, CVE-2012-3450; MD5 | 3a7b11ddafda5c0c062b3746c3db17dd; Download | Favorite | View

Mandriva Linux Security Advisory 2012-108: Posted Jul 23, 2012; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2012-108 - Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an overflow. The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. The updated packages have been upgraded to the 5.3.15 version which is not vulnerable to these issues. Additionally the php-timezonedb packages has been upgraded to the latest version as well.; tags | advisory, remote, overflow, php; systems | linux, mandriva; advisories | CVE-2012-2688, CVE-2012-3365; MD5 | cb6339f2ab0f23b465ebf42626304b47; Download | Favorite | View

Page 1 of 1 Back 1 Next