CVE-2009-3559

Name of the Vulnerable Software and Affected Versions PHP versions 5.3.x before 5.3.1

Description The issue in PHP does not recognize the safe mode include dir directive, which allows context-dependent attackers to have an unknown impact by triggering the failure of PHP scripts that perform include or require operations. This can be demonstrated by a script that attempts to perform a require once on a file in a standard library directory.

Recommendations For PHP versions 5.3.x before 5.3.1, update to version 5.3.1 to resolve the issue.