CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1392

PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.104

EPSS Ranking 92.9%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=109898213806099&w=2
http://marc.info/?l=bugtraq&m=110625060220934&w=2
http://securitytracker.com/id?1011984
http://www.redhat.com/support/errata/RHSA-2005-405.html
http://www.redhat.com/support/errata/RHSA-2005-406.html
http://www.securityfocus.com/bid/11557
https://bugzilla.fedora.us/show_bug.cgi?id=2344
https://exchange.xforce.ibmcloud.com/vulnerabilities/17900
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9279
http://marc.info/?l=bugtraq&m=109898213806099&w=2
http://marc.info/?l=bugtraq&m=110625060220934&w=2
http://securitytracker.com/id?1011984
http://www.redhat.com/support/errata/RHSA-2005-405.html
http://www.redhat.com/support/errata/RHSA-2005-406.html
http://www.securityfocus.com/bid/11557
https://bugzilla.fedora.us/show_bug.cgi?id=2344
https://exchange.xforce.ibmcloud.com/vulnerabilities/17900
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9279

Products affected by CVE-2004-1392

Php » Php » Version: 4.0

cpe:2.3:a:php:php:4.0
Php » Php » Version: 4.0.1

cpe:2.3:a:php:php:4.0.1
Php » Php » Version: 4.0.2

cpe:2.3:a:php:php:4.0.2
Php » Php » Version: 4.0.3

cpe:2.3:a:php:php:4.0.3
Php » Php » Version: 4.0.4

cpe:2.3:a:php:php:4.0.4
Php » Php » Version: 4.0.5

cpe:2.3:a:php:php:4.0.5
Php » Php » Version: 4.0.6

cpe:2.3:a:php:php:4.0.6
Php » Php » Version: 4.0.7

cpe:2.3:a:php:php:4.0.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1392

Products

Pricing

Contact Us