Description

PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.

Remediation

References

CVE-2004-1392

Related Vulnerabilities

MediaWiki Other Vulnerability (CVE-2013-4567)

MySQL CVE-2019-2743 Vulnerability (CVE-2019-2743)

WordPress Plugin WP Mailto Links-Manage Email Links Cross-Site Scripting (2.0.1)

PHP Improper Access Control Vulnerability (CVE-2016-5385)

WordPress Plugin Image Photo Gallery Final Tiles Grid Cross-Site Scripting (3.4.18)

Severity

Medium

Classification

CVE-2004-1392

Tags

Missing Update Known Vulnerabilities