CVE Vulnerabilities

CVE-2001-1247

Published: Dec 06, 2001 | Modified: Jun 25, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.

Affected Software

Name Vendor Start Version End Version
Php Php 4.0.4pl1 4.0.4pl1
Php Php 4.0.5 4.0.5

References