CVE-2005-3391

Severity

75%

Complexity

99%

Confidentiality

106%

Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.

Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

PHP

First reported 19 years ago

2005-11-01 12:47:00

Last updated 6 years ago

2018-10-30 16:25:00

Affected Software

PHP PHP 3.0

3.0

PHP PHP 3.0.1

3.0.1

PHP PHP 3.0.2

3.0.2

PHP PHP 3.0.3

3.0.3

PHP PHP 3.0.4

3.0.4

PHP PHP 3.0.5

3.0.5

PHP PHP 3.0.6

3.0.6

PHP PHP 3.0.7

3.0.7

PHP PHP 3.0.8

3.0.8

PHP PHP 3.0.9

3.0.9

PHP PHP 3.0.10

3.0.10

PHP PHP 3.0.11

3.0.11

PHP PHP 3.0.12

3.0.12

PHP PHP 3.0.13

3.0.13

PHP PHP 3.0.14

3.0.14

PHP PHP 3.0.15

3.0.15

PHP PHP 3.0.16

3.0.16

PHP PHP 3.0.17

3.0.17

PHP PHP 3.0.18

3.0.18

PHP PHP 4.0.0

4.0.0

PHP PHP 4.0.1

4.0.1

PHP PHP 4.0.2

4.0.2

PHP PHP 4.0.3

4.0.3

PHP PHP 4.0.4

4.0.4

PHP PHP 4.0.5

4.0.5

PHP PHP 4.0.6

4.0.6

PHP PHP 4.0.7

4.0.7

PHP 4.0.7 Release Candidate 1

4.0.7

PHP 4.0.7 Release Candidate 2

4.0.7

PHP 4.0.7 Release Candidate 3

4.0.7

PHP PHP 4.1.0

4.1.0

PHP PHP 4.1.1

4.1.1

PHP PHP 4.1.2

4.1.2

PHP PHP 4.2.0

4.2.0

PHP PHP 4.2.1

4.2.1

PHP PHP 4.2.2

4.2.2

PHP PHP 4.2.3

4.2.3

PHP PHP 4.3.0

4.3.0

PHP PHP 4.3.1

4.3.1

PHP PHP 4.3.2

4.3.2

PHP PHP 4.3.3

4.3.3

PHP PHP 4.3.4

4.3.4

PHP PHP 4.3.5

4.3.5

PHP PHP 4.3.6

4.3.6

PHP PHP 4.3.7

4.3.7

PHP PHP 4.3.8

4.3.8

PHP PHP 4.3.9

4.3.9

PHP PHP 4.3.10

4.3.10

PHP PHP 4.3.11

4.3.11

PHP PHP 4.4.0

4.4.0

References

http://docs.info.apple.com/article.html?artnum=303382

SSRT061238

APPLE-SA-2006-03-01

17371

Patch, Vendor Advisory

17510

18054

18198

18763

19064

22691

525

GLSA-200511-08

OpenPKG-SA-2005.027

20898

http://www.php.net/release_4_4_1.php

Patch

SUSE-SA:2005:069

15411

16907

TA06-062A

US Government Resource

ADV-2005-2254

ADV-2006-0791

ADV-2006-4320

MDKSA-2006:035

USN-232-1

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.