CVE-2009-3559


Severity : High
Published : 2009-11-23
Modified : 2010-04-01
Base Score : 7.5
Details : ** DISPUTED ** main/streams/plain_wrapper.c in PHP 5.3.x before 5.3.1 does not recognize the safe_mode_include_dir directive, which allows context-dependent attackers to have an unknown impact by triggering the failure of PHP scripts that perform include or require operations, as demonstrated by a script that attempts to perform a require_once on a file in a standard library directory. NOTE: a reliable third party reports that this is not a vulnerability, because it results in a more restrictive security policy.
Product/Version :  
 
 

CVE Vulnerabilities List CVE-2009

CVE-2009-0021CVE-2009-0028CVE-2009-0159CVE-2009-0163
CVE-2009-0217CVE-2009-0316CVE-2009-0778CVE-2009-0791
CVE-2009-0798CVE-2009-0834CVE-2009-0835CVE-2009-0859
CVE-2009-0887CVE-2009-0949CVE-2009-1192CVE-2009-1194
CVE-2009-1195CVE-2009-1196CVE-2009-1210CVE-2009-1252
CVE-2009-1265CVE-2009-1267CVE-2009-1268CVE-2009-1269
CVE-2009-1297CVE-2009-1337CVE-2009-1377CVE-2009-1378
CVE-2009-1386CVE-2009-1387CVE-2009-1389CVE-2009-1417
CVE-2009-1574CVE-2009-1630CVE-2009-1632CVE-2009-1885
CVE-2009-1890CVE-2009-1891CVE-2009-1895CVE-2009-1961
CVE-2009-2042CVE-2009-2409CVE-2009-2412CVE-2009-2417
CVE-2009-2560CVE-2009-2562CVE-2009-2563CVE-2009-2730
CVE-2009-2847CVE-2009-2848CVE-2009-2849CVE-2009-2903
CVE-2009-2908CVE-2009-2909CVE-2009-2910CVE-2009-3001
CVE-2009-3002CVE-2009-3080CVE-2009-3094CVE-2009-3095
CVE-2009-3228CVE-2009-3230CVE-2009-3238CVE-2009-3245
CVE-2009-3490CVE-2009-3547CVE-2009-3550CVE-2009-3555
CVE-2009-3557CVE-2009-3558CVE-2009-3559CVE-2009-3560
CVE-2009-3563CVE-2009-3612CVE-2009-3620CVE-2009-3621
CVE-2009-3639CVE-2009-3720CVE-2009-3726CVE-2009-3736
CVE-2009-3767CVE-2009-3889CVE-2009-4005CVE-2009-4017
CVE-2009-4020CVE-2009-4021CVE-2009-4022CVE-2009-4029
CVE-2009-4131CVE-2009-4134CVE-2009-4135CVE-2009-4141
CVE-2009-4272CVE-2009-4307CVE-2009-4308CVE-2009-4355
CVE-2009-4377CVE-2009-4410CVE-2009-4537CVE-2009-4880
CVE-2009-4881CVE-2009-4895CVE-2009-5029CVE-2009-5064