CVE-2007-5900
Published: 20 November 2007
PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625.
Notes
Author | Note |
---|---|
jdstrand | requires malicious script |