Bug 172200 - PHP File-Upload $GLOBALS Overwrite Vulnerability
Summary: PHP File-Upload $GLOBALS Overwrite Vulnerability
Keywords:
Status: CLOSED DUPLICATE of bug 172208
Alias: None
Product: Fedora
Classification: Fedora
Component: php
Version: 4
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Joe Orton
QA Contact: David Lawrence
URL: http://www.hardened-php.net/advisory_...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-11-01 15:11 UTC by Thomas Babut
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-11-08 11:28:27 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Thomas Babut 2005-11-01 15:11:08 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8) Gecko/20051031 Firefox/1.5

Description of problem:
The new security problem described at http://www.hardened-php.net/advisory_202005.79.html exists in all PHP-Versions <= 4.4.0 (FC3) and <= 5.0.5 (FC4).

Version-Release number of selected component (if applicable):
php-5.0.4-10.4

How reproducible:
Always

Steps to Reproduce:
1.
2.
3.
  

Additional info:
Comment 1 Joe Orton 2005-11-08 11:28:27 UTC 

*** This bug has been marked as a duplicate of 172208 ***
Note You need to log in before you can comment on or make changes to this bug.