CVE-2007-5900

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.2.5

Description The issue allows local users to bypass protection mechanisms configured through php admin value or php admin flag in httpd.conf by using the ini set function to modify arbitrary configuration variables.

Recommendations For PHP versions prior to 5.2.5, update to version 5.2.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the ini set function to minimize the risk of exploitation.