Red Hat Bugzilla – Bug 436541
CVE-2007-4850 php: curl safe mode bypass
Last modified: 2008-07-25 04:21:42 EDT
curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows
context-dependent attackers to bypass safe_mode and open_basedir restrictions
and read arbitrary files via a file:// request containing a \x00 sequence, a
different vulnerability than CVE-2006-2563.
Based on change logs, upstream fix is
NVD statement regarding this flaw and php packages shipped in Red Hat Enterprise
Linux and Red Hat Application Stack is available on the url also mentioned in
the initial comment - http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4850:
Official Statement from Red Hat (1/25/2008)
We do not consider these to be security issues. For more details see
There is currently not plan to backport a fix for this issue to Red Hat
Enterprise Linux and Red Hat Application Stack php packages.
For Fedora, this issue will most likely be fixed once next upstream release -
5.2.6 (not yet released upstream) - is uploaded to Fedora repositories.
Fedora packages are already updated to upstream version 5.2.6.
*** This bug has been marked as a duplicate of 169857 ***