Computer Security
[EN] no-pyccku

PHP COM extension safe_mode protection bypass
SecurityVulns ID:7379
Threat Level:
Description:WScript.Shell COM object allows execution of any commands.
CVE:CVE-2007-1382 (The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode.)
Files:PHP COM extensions (inconsistent Win32) safe_mode bypass

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod