NuytsTech Security

CVE-2007-3997

by ·

The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.

Date published : 2007-09-04

http://www.php.net/ChangeLog-4.php

http://www.php.net/ChangeLog-5.php#5.2.4

Tags: