CVE-2007-4652

Publication date 4 September 2007

Last updated 24 July 2024

Ubuntu priority

Negligible

Why this priority?

Description

The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.

Read the notes from the security team

Status

Package Ubuntu Release Status
php5 8.04 LTS hardy
Not affected
7.10 gutsy Ignored end of life, was needed
7.04 feisty Ignored end of life, was needed
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Ignored end of life, was needed

Notes

kees

open_basedir not supported

References

Other references