PHP Multiple Functions 'safe_mode' Restriction Bypass Vulnerability

PHP is prone to a 'safe_mode' restriction-bypass vulnerability. Successful exploits could allow an attacker to execute arbitrary code.

This vulnerability would be an issue in hosting environments where users can create and execute arbitrary PHP script code; in such cases, 'safe_mode' is expected to enforce certain restrictions on executing system commands. This issue can also help in attacks that exploit other vulnerabilities, resulting in remote PHP code execution.

Note that the issue affects only Windows PHP installations and can be exploited when 'safe_mode_exec_dir' is not set (that is, it holds its default value).

PHP 5.2.9 and 5.2.10 are vulnerable; prior and newer versions may also be affected.
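
A check for the exposure conditions described above, as an added example that is not part of the original advisory or of PHP itself. The function names and the sample php.ini text are constructed for illustration, and `os_family` is assumed to be the host's `PHP_OS` string (for example `WINNT`).

```python
# Versions the advisory lists as vulnerable; others "may also be affected".
LISTED_VULNERABLE = {"5.2.9", "5.2.10"}
TRUTHY = {"1", "on", "yes", "true"}

# Constructed sample, not taken from a real host.
SAMPLE_INI = """\
[PHP]
; shared hosting profile
safe_mode = On
safe_mode_exec_dir =
"""

def parse_php_ini(text):
    """Return {directive: value} from php.ini text; the last assignment wins."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        # Skip blanks, ';' comments and [section] headers.
        if not line or line.startswith(";") or line.startswith("["):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue
        value = value.strip()
        if value[:1] in ('"', "'"):
            # Quoted value: keep the text up to the matching closing quote.
            end = value.find(value[0], 1)
            value = value[1:end] if end != -1 else value[1:]
        else:
            # Unquoted value: drop a trailing ';' comment.
            value = value.split(";", 1)[0].strip()
        settings[key.strip()] = value
    return settings

def audit(ini_text, php_version, os_family):
    """Report whether an install matches the conditions named in the advisory."""
    s = parse_php_ini(ini_text)
    safe_mode = s.get("safe_mode", "").lower() in TRUTHY
    exec_dir_unset = s.get("safe_mode_exec_dir", "") == ""
    windows = os_family.lower().startswith("win")
    return {
        "relies_on_safe_mode": safe_mode,
        "exec_dir_unset": exec_dir_unset,
        "windows": windows,
        "version_listed": php_version in LISTED_VULNERABLE,
        # The version is reported separately because other releases may be affected.
        "exposed": safe_mode and exec_dir_unset and windows,
    }
```

A host reported as `exposed` depends on 'safe_mode' for command restrictions while 'safe_mode_exec_dir' is still at its default, which is the configuration the advisory describes.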


Copyright 2010, SecurityFocus