CVE-2004-1392

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05564

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2004-1392

ubuntu

больше 20 лет назад

PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.

CVE-2004-1392

redhat

больше 20 лет назад

PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.

CVE-2004-1392

debian

больше 20 лет назад

PHP 4.0 with cURL functions allows remote attackers to bypass the open ...

GHSA-5h5w-vq2m-cxf3

github

около 3 лет назад

PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.

EPSS

Процентиль: 90%

0.05564

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other