CVE-2007-5447

ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function.
Configurations

Configuration 1

cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ioncube:php_encoder:6.5:*:*:*:*:*:*:*

Information

Published : 2007-10-14 06:17

Updated : 2017-09-29 01:29


NVD link : CVE-2007-5447

Mitre link : CVE-2007-5447

Products Affected
No products.
CWE