Description

PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.

Remediation

References

CVE-2004-1063

Related Vulnerabilities

PHP Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2007-0455)

e107 Other Vulnerability (CVE-2004-2040)

WordPress Plugin DJ EmailPublish Cross-Site Scripting (1.7.2)

WordPress Plugin WP Instagram-Best Instagram Feeds Cross-Site Scripting (1.0.19)

WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Remote Code Execution (2.0.14)

Severity

Critical

Classification

CVE-2004-1063

Tags

Missing Update Known Vulnerabilities