ID |
CVE-2007-1710
|
Summary |
The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*
-
cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*
-
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
|
CVSS |
Base: | 4.3 (as of 11-10-2017 - 01:31) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
SINGLE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:L/AC:L/Au:S/C:P/I:P/A:P
|
refmap
via4
|
exploit-db | 3573 | hp | - HPSBMA02215
- HPSBTU02232
- SSRT071423
- SSRT071429
| secunia | | vupen | - ADV-2007-1991
- ADV-2007-2374
|
|
statements
via4
|
contributor | Mark J Cox | lastmodified | 2007-04-17 | organization | Red Hat | statement | We do not consider these to be security issues. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1
and http://www.php.net/security-note.php
|
|
Last major update |
11-10-2017 - 01:31 |
Published |
27-03-2007 - 01:19 |
Last modified |
11-10-2017 - 01:31 |