CVE-2005-3391
PHP < 4.4.1 - Safe Mode and Open Basedir Restriction Bypass in CURL and GD Extensions
Title source: llmDescription
Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.
References (24)
Core 24
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/22691
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18198
Various Sources vendor-advisory
x_refsource_hp
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20898
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/525
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19064
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18054
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2254
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/16907
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17371
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0791
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4320
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_suse
http://www.securityfocus.com/archive/1/419504/100/0/threaded
Various Sources vendor-advisory
x_refsource_mandriva
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:035
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18763
Patch x_refsource_confirm
http://www.php.net/release_4_4_1.php
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA06-062A.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15411
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17510
Various Sources vendor-advisory
x_refsource_openpkg
http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://www.ubuntu.com/usn/usn-232-1/
Vendor Advisory x_refsource_confirm
http://docs.info.apple.com/article.html?artnum=303382
Scores
EPSS
0.1930
EPSS Percentile
95.5%
Details
Status
published
Products (44)
php/php
3.0
php/php
3.0.1
php/php
3.0.2
php/php
3.0.3
php/php
3.0.4
php/php
3.0.5
php/php
3.0.6
php/php
3.0.7
php/php
3.0.8
php/php
3.0.9
... and 34 more
Published
Nov 01, 2005
Tracked Since
Feb 18, 2026