PublicDate: 2007-09-12 01:17:00 UTC
Candidate: CVE-2007-4825
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4825
Description:
 Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers
 to bypass open_basedir restrictions and possibly execute arbitrary code via
 a .. (dot dot) in the dl function.
Ubuntu-Description: 
Notes: 
 kees> open_basedir not supported.
Bugs: 
Priority: negligible
Discovered-by:
Assigned-to: 
CVSS: 
upstream_php5: released (5.2.4)
dapper_php5: needed
edgy_php5: needed
feisty_php5: needed
gutsy_php5: needed
hardy_php5: not-affected (5.2.4-2ubuntu3)
devel_php5: not-affected (5.2.4-2ubuntu3)