CVE Vulnerabilities

CVE-2001-1247

Published: Dec 06, 2001 | Modified: Nov 20, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.

Affected Software

Name Vendor Start Version End Version
Php Php 4.0.4pl1 (including) 4.0.4pl1 (including)
Php Php 4.0.5 (including) 4.0.5 (including)
Red Hat Linux 6.2 RedHat *
Red Hat Linux 7.0 RedHat *
Red Hat Linux 7.1 RedHat *
Red Hat Linux 7.2 RedHat *

References