CVE 2010-3436
fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename.
Related bugs and status
CVE-2010-3436 (Candidate) is related to these bugs:
Bug #682501: php5 5.3.3-1 causing segfaults -> 5.3.3-4 backport for maverick?
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 682501 | php5 5.3.3-1 causing segfaults -> 5.3.3-4 backport for maverick? | php5 (Ubuntu) | Undecided | Incomplete | ||
| 682501 | php5 5.3.3-1 causing segfaults -> 5.3.3-4 backport for maverick? | php | Undecided | New | ||
Bug #697181: DoS: Infinite loop processing 2.2250738585072011e-308
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 697181 | DoS: Infinite loop processing 2.2250738585072011e-308 | php5 (Ubuntu) | Undecided | Fix Released | ||
| 697181 | DoS: Infinite loop processing 2.2250738585072011e-308 | php | Unknown | Unknown | ||
| 697181 | DoS: Infinite loop processing 2.2250738585072011e-308 | php5 (Ubuntu Lucid) | Undecided | Fix Released | ||
| 697181 | DoS: Infinite loop processing 2.2250738585072011e-308 | php5 (Ubuntu Maverick) | Undecided | Fix Released | ||
| 697181 | DoS: Infinite loop processing 2.2250738585072011e-308 | php5 (Ubuntu Natty) | Undecided | Fix Released | ||
| 697181 | DoS: Infinite loop processing 2.2250738585072011e-308 | php5 (Fedora) | Medium | Fix Released | ||
| 697181 | DoS: Infinite loop processing 2.2250738585072011e-308 | php5 (Debian) | Unknown | Fix Released | ||
Bug #701765: open_basedir breaks by restricting paths to files that should be allowed; Unknown: Failed opening required '/usr/share/phpmyadmin/index.php' (include_path='.') in Unknown on line 0
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 701765 | open_basedir breaks by restricting paths to files that should be allowed; Unknown: Failed opening required '/usr/share/phpmyadmin/index.php' (include_path='.') in Unknown on line 0 | php5 (Ubuntu) | High | Fix Released | ||
| 701765 | open_basedir breaks by restricting paths to files that should be allowed; Unknown: Failed opening required '/usr/share/phpmyadmin/index.php' (include_path='.') in Unknown on line 0 | php | Unknown | Unknown | ||
See the 
CVE page on Mitre.org
for more details.
