PHP is prone to multiple security vulnerabilities. Some of these issues may be exploited to bypass security restrictions and create arbitrary files or cause denial-of-service conditions. The impact of the other issues has not been specified. We will update this BID when more information becomes available. These issues affect PHP versions prior to 5.3.1.

Updates are available. Please see the references for more information.

• http://seclists.org/fulldisclosure/2009/Nov/228
• http://securityreason.com/securityalert/6600
• http://securityreason.com/securityalert/6601
• http://www.php.net/
• http://www.php.net/releases/5_3_1.php
• http://www.securityfocus.com/archive/1/507982
• http://www.securityfocus.com/bid/37079

---

Updated on 2015-03-25