Vulnerability & Exploit Database

Back to search

PHP Multiple Vulnerabilities Fixed in version 5.2.5

Severity CVSS Published Added Modified
7 (AV:L/AC:M/Au:N/C:C/I:C/A:C) November 12, 2007 June 20, 2008 May 27, 2016

Description

PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

php-upgrade-5_2_5

Related Vulnerabilities