CVE-2007-3997
CVE-2007-3997
The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 1
cve_referencewww.exploit-db.com/exploits/4392não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://secunia.com/advisories/26642http://secunia.com/advisories/26822http://secunia.com/advisories/26838http://secunia.com/advisories/27102http://secunia.com/advisories/27377http://secunia.com/advisories/28318http://securityreason.com/securityalert/3102http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/https://exchange.xforce.ibmcloud.com/vulnerabilities/36384https://exchange.xforce.ibmcloud.com/vulnerabilities/39402https://issues.rpath.com/browse/RPL-1693https://issues.rpath.com/browse/RPL-1702