Description

The (1) session_save_path, (2) ini_set, and (3) error_log functions in PHP 4.4.7 and earlier, and PHP 5 5.2.3 and earlier, when invoked from a .htaccess file, allow remote attackers to bypass safe_mode and open_basedir restrictions and possibly execute arbitrary commands, as demonstrated using (a) php_value, (b) php_flag, and (c) directives in .htaccess.

Remediation

References

CVE-2007-3378

Related Vulnerabilities

WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4)

silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-4822)

IBM WebSEAL Weak Password Requirements Vulnerability (CVE-2024-35137)

Drupal Core 6.x Cross-Site Scripting (6.0 - 6.10)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4629)

Severity

Medium

Classification

CVE-2007-3378 CWE-264

Tags

Missing Update Known Vulnerabilities