Labs

PHP 5.2.13 Multiple Vulnerabilities

Vulnerabilities that involve safe_mode validation and safe_mode bypass have been reported in PHP 5.2.x branch.

PHP has reported vulnerabilities that involve:

• safe_mode validation inside tempnam() when the directory path does not end with a /)

• open_basedir/safe_mode bypass in a session extension

• LCG entropy

Update to PHP 5.2.13 or later versions

PHP 5.2.13 Released! (http://www.php.net/)