| Vulnerability Name: | CVE-2007-3997 (CCN-36384) | ||||||||
| Assigned: | 2007-08-30 | ||||||||
| Published: | 2007-08-30 | ||||||||
| Updated: | 2018-10-26 | ||||||||
| Summary: | The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 6.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
6.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-264 | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: MITRE Type: CNA CVE-2007-3997 Source: CCN Type: SA26642 PHP Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 26642 Source: SECUNIA Type: Third Party Advisory 26822 Source: SECUNIA Type: Third Party Advisory 26838 Source: SECUNIA Type: Third Party Advisory 27102 Source: SECUNIA Type: Third Party Advisory 27377 Source: CCN Type: SA28318 PHP Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 28318 Source: SREASON Type: Exploit, Third Party Advisory 3102 Source: MISC Type: Exploit, Third Party Advisory http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/ Source: CCN Type: GLSA-200710-02 PHP: Multiple vulnerabilities Source: GENTOO Type: Third Party Advisory GLSA-200710-02 Source: CCN Type: OSVDB ID: 36867 PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass Source: CCN Type: OSVDB ID: 36868 PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass Source: CCN Type: OSVDB ID: 37784 PHP MySQL Extension Multiple Function Security Restriction Bypass Source: CONFIRM Type: Vendor Advisory http://www.php.net/ChangeLog-4.php Source: CONFIRM Type: Vendor Advisory http://www.php.net/ChangeLog-5.php#5.2.4 Source: CONFIRM Type: Vendor Advisory http://www.php.net/releases/4_4_8.php Source: CCN Type: PHP Web site PHP 5.2.4 Release Announcement Source: CONFIRM Type: Vendor Advisory http://www.php.net/releases/5_2_4.php Source: CCN Type: SECWEB Web site PHP MySQL/MySQLi Safe Mode Bypass Vulnerability Source: TRUSTIX Type: Broken Link 2007-0026 Source: VUPEN Type: Permissions Required, Third Party Advisory ADV-2007-3023 Source: VUPEN Type: Permissions Required, Third Party Advisory ADV-2008-0059 Source: XF Type: Third Party Advisory, VDB Entry php-local-infile-security-bypass(36384) Source: XF Type: UNKNOWN php-local-infile-security-bypass(36384) Source: XF Type: Third Party Advisory, VDB Entry php-localinfile-mysql-security-bypass(39402) Source: CONFIRM Type: Broken Link https://issues.rpath.com/browse/RPL-1693 Source: CONFIRM Type: Broken Link https://issues.rpath.com/browse/RPL-1702 Source: EXPLOIT-DB Type: Third Party Advisory, VDB Entry 4392 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||