CVE-2008-7002 in PHPinformazioni

Riassunto

di MITRE

PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) passthru, or (5) popen functions, possibly involving pathnames such as "C:" drive notation.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

17/08/2009

Divulgazione

19/08/2009

Moderazione

accettato

Voce

VDB-49508

CPE

pronto

CWE

CWE-264 (confermato)

Sfruttamento

Scaricare

CVSS

7.2 (NVD)

EPSS

0.00832

KEV

Attività

molto basso

Settore

Education, Finance, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-7002
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-7002
CVE Details	https://www.cvedetails.com/cve/CVE-2008-7002/

◂ Precedente Visione D'ensemble Il prossimo ▸

Interested in the pricing of exploits?

See the underground prices here!