Description

PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.

Remediation

References

CVE-2004-1392

Related Vulnerabilities

WordPress Plugin Improved user search in backend Cross-Site Request Forgery (1.2.4)

Oracle JRE CVE-2024-20918 Vulnerability (CVE-2024-20918)

MySQL Deserialization of Untrusted Data Vulnerability (CVE-2019-14893)

MySQL CVE-2021-2232 Vulnerability (CVE-2021-2232)

Oracle Application Server CVE-2007-5521 Vulnerability (CVE-2007-5521)

Severity

Medium

Classification

CVE-2004-1392

Tags

Missing Update Known Vulnerabilities