DESCRIPTION: Multiple vulnerabilities have been reported in PHP, some of which have unknown impact and others that can be exploited by malicious users to bypass certain security restrictions.
1) Input validation errors exist in the processing of exif data. This is related to vulnerability #3 in: SA36791
2) An error in "tempnam()" can be exploited to bypass the "safe_mode" feature.
3) An error in "posix_mkfifo()" can be exploited to bypass the "open_basedir" feature.
SOLUTION: Update to version 5.3.1.
PROVIDED AND/OR DISCOVERED BY:
1) Reported by the vendor.
2, 3) Grzegorz Stachowiak
ORIGINAL ADVISORY: PHP: http://www.php.net/releases/5_3_1.php
Grzegorz Stachowiak:
http://securityreason.com/securityalert/6600
http://securityreason.com/securityalert/6601
OTHER REFERENCES: SA36791: http://secunia.com/advisories/36791/
Posted on Sunday, November 22, 2009 @ 13:44:17 EST by Raven
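A local exposure check for the three issues listed above, as an added example that is not part of the original advisory or of PHP itself. It assumes any PHP version below 5.3.1 is unpatched (per the SOLUTION line); the function names and the `$env` array keys are hypothetical names chosen for this sketch.

```php
<?php
// Added example: audit the running PHP for the three issues in this advisory.
// Assumption: every version below 5.3.1 is treated as unpatched.

// php.ini booleans can surface as "1", "On", "yes" or "true".
function ini_flag_on($value) {
    return in_array(strtolower(trim((string) $value)), array('1', 'on', 'yes', 'true'), true);
}

// True when the function is compiled in and not listed in disable_functions.
function is_callable_builtin($name, $disabledCsv) {
    $disabled = array_map('trim', explode(',', strtolower((string) $disabledCsv)));
    return function_exists($name) && !in_array(strtolower($name), $disabled, true);
}

// $env keys are hypothetical names used only by this example.
function audit_php_531(array $env) {
    $findings = array();
    if (!version_compare($env['version'], '5.3.1', '<')) {
        return $findings; // fixed release or later: nothing to report
    }
    if ($env['exif_loaded']) {
        $findings[] = '1) exif extension is loaded on an unpatched build';
    }
    if (ini_flag_on($env['safe_mode'])
        && is_callable_builtin('tempnam', $env['disable_functions'])) {
        $findings[] = '2) safe_mode is relied on and tempnam() is callable';
    }
    if (trim((string) $env['open_basedir']) !== ''
        && is_callable_builtin('posix_mkfifo', $env['disable_functions'])) {
        $findings[] = '3) open_basedir is relied on and posix_mkfifo() is callable';
    }
    return $findings;
}

$findings = audit_php_531(array(
    'version'           => PHP_VERSION,
    'exif_loaded'       => extension_loaded('exif'),
    'safe_mode'         => ini_get('safe_mode'),
    'open_basedir'      => ini_get('open_basedir'),
    'disable_functions' => ini_get('disable_functions'),
));

if (!$findings) {
    echo 'PHP ' . PHP_VERSION . ": no exposure to the listed issues found\n";
} else {
    echo 'PHP ' . PHP_VERSION . " is below 5.3.1; update recommended:\n";
    foreach ($findings as $f) { echo "  $f\n"; }
}
```

Run it under the same SAPI and configuration as the site (web server or CLI), since `safe_mode`, `open_basedir` and `disable_functions` can differ between them. Distribution packages that backport fixes may keep an older version string, so confirm against the package changelog.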