Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5424

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5424
Last Modified 05 Sep 2008 05:30:45
Published 12 Oct 2007 07:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5424

Summary

The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is disabled.

Vulnerable Systems

Application

  • Php 4.0

  • Php 5.0.0


References

BUGTRAQ - 20071010 Vulnerabilities digest

MISC - http://securityvulns.ru/Sdocument67.html

MISC - http://securityvulns.com/news/PHP/alias-pb.html

SREASON - 3216


Last Updated: 27 May 2016 10:46:10