Description
curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563.
Remediation
References
Related Vulnerabilities
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13663)
NuSOAP Improper Certificate Validation Vulnerability (CVE-2012-6071)
WordPress Plugin SP Project & Document Manager Unspecified Vulnerability (2.5.7.3)
WordPress 'swfupload.swf' Cross-Site Scripting Vulnerability (2.5 - 3.3.1)
WordPress Plugin FD Feedburner Cross-Site Request Forgery (1.42)