[php-maint] Bug#354678: PHP4 in Sarge appears vulnerable to CVE-2005-3391

Nick Jenkins nickpj at gmail.com
Tue Feb 28 04:19:46 UTC 2006

Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security


 A flaw in the PHP gd extension in versions prior to 4.4.1 could allow
 a remote attacker to bypass safe_mode and open_basedir restrictions via
 unknown attack vectors.

Vulnerable PHP versions:
 PHP before 4.4.1 (according to CVE)

More information about the pkg-php-maint mailing list