php
Page content
- Author: voroskoi
- Vulnerable: 5.2.3-1terminus2
- Unaffected: 5.2.3-1terminus3
shinnai has discovered a vulnerability in PHP, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to an error in the handling of an uninitialized structure inside the “glob()” function. This can be exploited to execute arbitrary code, which may lead to security restrictions (e.g. the “disable_functions” directive) being bypassed.
- Bug Tracker URL: http://bugs.frugalware.org/task/2267