CVE-2007-5424

High

7.5/10

Summary

The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is disabled.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Oct 12, 2007

CVE-2007-5424

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS