CVE-2005-3054 in PHPinfo

Summary

fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

09/26/2005

Disclosure

09/26/2005

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
1849	PHP curl/gd information disclosure		Proof-of-Concept	Official fix	CVE-2005-3054
1848	PHP PCRE memory corruption	119	Proof-of-Concept	Official fix	CVE-2005-3054
1773	PHP opendir_basedir information disclosure		Proof-of-Concept	Official fix	CVE-2005-3054

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!