CVE-2004-1063

Name of the Vulnerable Software and Affected Versions: PHP versions 4.x through 4.3.9 PHP versions 5.x through 5.0.2

Description: The issue allows local users to bypass safe mode exec dir restrictions and execute commands outside of the intended safe mode exec dir via shell metacharacters in the current directory name. Several vulnerabilities were discovered within PHP, including buffer overflow, information leak vulnerabilities, path truncation vulnerabilities, and safe mode restriction bypass vulnerabilities. These vulnerabilities affect various functions such as pack(), unpack(), safe mode exec dir, realpath(), and unserialize().

Recommendations: For PHP versions 4.x through 4.3.9, update to version 4.3.10 or later to resolve the issue. For PHP versions 5.x through 5.0.2, update to version 5.0.3 or later to resolve the issue. As a temporary workaround, consider disabling the safe mode exec dir restriction in multithreaded PHP environments until a patch is available. Restrict access to the pack() and unpack() functions to minimize the risk of exploitation due to integer overflow vulnerabilities. Avoid using the unserialize() function with negative references or references to freed data until the issue is resolved.