CVE Vulnerabilities

CVE-2007-3997

Published: Sep 04, 2007 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.

Affected Software

Name Vendor Start Version End Version
Php Php 4.0.0 (including) 4.4.8 (excluding)
Php Php 5.0.0 (including) 5.2.4 (excluding)

References