Security Advisory

CVE-2007-1382

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-03-10 00:00:00

Last updated 2024-08-07 12:50:35

Assigner mitre

State PUBLISHED

Description

The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHPs safe mode.

← Browse all CVEs View on cve.org ↗