PHP Win32Service Extension Safe_Mode Restriction Bypass Vulnerability

PHP Win32Service Extension Safe_Mode Restriction Bypass Vulnerability

PHP is prone to a 'safe_mode' restriction-bypass vulnerability. Successful exploits could allow an attacker to bypasss the restrictions imposed by the PHP directive and execute restricted PHP and script code.

This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code; in such cases, the 'safe_mode' restrictions are expected to isolate users from each other.

PHP 5.2.1 is reported vulnerable; other versions may also be affected.