Description
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
Remediation
References
Related Vulnerabilities
Joomla Other Vulnerability (CVE-2006-3481)
WordPress Plugin Vmax Project Manager Arbitrary File Upload (1.1)
OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-2274)
Oracle JRE CVE-2013-0433 Vulnerability (CVE-2013-0433)
ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498)