Computer Security
[EN] securityvulns.ru no-pyccku


PHP unauthorized access
Published:06.03.2009
Source:
SecurityVulns ID:9711
Type:local
Threat Level:
5/10
Description:mbstring.func_overload setting in .htaccess is applied to all websites.
Affected:PHP : PHP 4.4
 PHP : PHP 5.1
CVE:CVE-2009-0754 (PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:066 ] php (06.03.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod