Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 5.0
CVE Id: CVE-2007-4850
Last Modified: 07 Mar 2011 09:59:19
Published: 24 Jan 2008 08:00:00
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2007-4850

Summary

curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563.

Vulnerable Systems

Application

  • PHP 5.2.4

  • PHP 5.2.5


References

XF - php-curlinit-security-bypass(39852)

XF - php-safemode-directive-security-bypass(42134)

VUPEN - ADV-2008-2780

VUPEN - ADV-2008-2268

VUPEN - ADV-2008-1412

UBUNTU - USN-628-1

BID - 31681

BID - 27413

BUGTRAQ - 20080527 rPSA-2008-0178-1 php php-mysql php-pgsql

BUGTRAQ - 20080122 PHP 5.2.5 cURL safe_mode bypass

MANDRIVA - MDVSA-2009:023

MANDRIVA - MDVSA-2009:022

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178

CONFIRM - http://support.apple.com/kb/HT3216

SECUNIA - 32222

SECUNIA - 31326

SECUNIA - 31200

SECUNIA - 30411

APPLE - APPLE-SA-2008-10-09

APPLE - APPLE-SA-2008-07-31

CONFIRM - http://cvs.php.net/viewcvs.cgi/php-src/NEWS?revision=1.2027.2.547.2.1047&view=markup

BID - 29009

CONFIRM - http://www.php.net/ChangeLog-5.php

MLIST - [oss-security] 20080502 CVE Request (PHP)

SREASON - 3562

SECUNIA - 30048

Related Patches

Apple 2008-10-09 Security Update 2008-007 Client (PPC)

Apple 2008-10-09 Security Update 2008-007 Server (PPC)

Apple 2008-10-09 Security Update 2008-007 Client (Intel)

Apple 2008-10-09 Security Update 2008-007 Server (Universal)

Apple 2008-10-09 Security Update 2008-007 Server (Leopard)


Last Updated: 27 May 2016 10:45:58