CVE-2012-3365

Impact:
Moderate
Public Date:
2012-07-19
Bugzilla:
841972: CVE-2012-3365 php: open_basedir bypass via SQLite functionality

The MITRE CVE dictionary describes this issue as:

The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.

Find out more about CVE-2012-3365 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

We do not consider safe_mode / open_basedir restriction bypass issues to be security sensitive. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1 and http://www.php.net/security-note.php

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 5
Base Metrics AV:N/AC:L/Au:N/C:N/I:P/A:N
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Last Modified

CVE description copyright © 2017, The MITRE Corporation