Local File Modification Vulnerability in Zend Platform by Zend Technologies
CVE-2007-1369

Currently unrated

Key Information:

Vendor

Zend

Status
Zend Platform
Vendor
CVE Published:
9 March 2007

What is CVE-2007-1369?

The ini_modifier (sgid-zendtech) in Zend Platform versions up to 2.2.3 permits local users to exploit the system's php.ini file. Attackers can alter a copy of php.ini through the -f parameter, followed by executing a symlink attack. This involves linking a directory containing the manipulated php.ini file to /usr/local/Zend/etc, potentially compromising server configurations and security settings.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/33930
vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2007/0829
vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/22802
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.