Cve-2007-5653 (php) - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

		HeapOverflow Computer Security Community & Forums : Heap Overflow.com > Computer Security: Discussions > Advisories
Cve-2007-5653 (php)

Mark Forums Read

Notices

Welcome to you visitor! This community is mainly dedicated to the computer and security, if you're looking for DFind scanner or others exploits codes you will find them into the Projects section, feel free to start Blogging and remember to always keep an eye and start talking about security Advisories & public Exploits.

Advisories Discuss about all newly security flaws classed by CVE entries and reviewed by security experts

Cve-2007-5653 (php)

This is a discussion on "Cve-2007-5653 (php)" within the Advisories part of the Computer Security: Discussions section; The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the ...

Reply

1 links from elsewhere to this Post. Click to view.

#1 (permalink)

Old

25-10-07

Heap is offline

Reporter

Join Date: Oct 2007

Posts: 12,469

Thanks: 0

Thanked 5 Times in 5 Posts

Rep Power: 2497

Heap is on a distinguished road

nvd

Cve-2007-5653 (php)

The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control Compatibility Flags, executing programs via a function in compatUI.dll, invoking wscript.shell via wscript.exe, invoking Scripting.FileSystemObject via wshom.ocx, and adding users via a function in shgin...

More...

Reply With Quote

Sponsor

Advertiser

Reply

Tags
cve20075653, php

« CVE-2007-5650 (ReloadCMS) | CVE-2007-5674 (weather) »

LinkBacks (?) LinkBack to this Thread: http://heapoverflow.com/f0rums/advisories/1541-cve-2007-5653-php.html
Posted By	For	Type	Date
php - Members and Communities tagged with php - Zoints	This thread	Refback	05-01-08 05:28

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Cve-2008-3660 (php)	Heap	Advisories	0	15-08-08 21:58
CVE-2008-1068 (Portail Web Php)	Heap	Advisories	0	29-02-08 19:59
CVE-2008-0566 (PHP Links)	Heap	Advisories	0	05-02-08 19:29
CVE-2007-6396 (Flat PHP Board)	Heap	Advisories	0	20-12-07 03:16
Microsoft Service Packs Going Out of Support - May 2007	class101	Security discussions	0	02-05-07 01:08

heapoverflow.com - SEOmeter SEO tools

Locations of visitors to this page

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110