[php-maint] Bug#354678: PHP4 in Sarge appears vulnerable to
CVE-2005-3391
Nick Jenkins
nickpj at gmail.com
Tue Feb 28 04:19:46 UTC 2006
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3391
Descrition:
A flaw in the PHP gd extension in versions prior to 4.4.1 could allow
a remote attacker to bypass safe_mode and open_basedir restrictions via
unknown attack vectors.
Vulnerable PHP versions:
PHP before 4.4.1 (according to CVE)
More information about the pkg-php-maint
mailing list