CVE-2003-0863

Name of the Vulnerable Software and Affected Versions PHP versions 4.3.x

Description The issue arises from the php check safe mode include dir function in fopen wrappers.c, which returns a success value when the safe mode include dir variable is not specified in the configuration. This behavior differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.

Recommendations For PHP version 4.3.x, consider specifying the safe mode include dir variable in the configuration to prevent potential exploitation of file include vulnerabilities.