What about CVE-2009-4143?
Issue
-
I wants to do a general question to the following CVE.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4143 -
As there's comment at https://bugzilla.redhat.com/show_bug.cgi?id=169857#c1 ,
"We do not consider safe_mode / open_basedir restriction bypass issues being security sensitive. For more details see", there will not be update from RedHat for this CVE in the future? -
Does not this problem happen if neither "Safe mode" nor "Open_basedir" is specified?
Environment
- Red Hat Enterprise Linux 5.3
- php-5.1.6-23.el5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.