CVE-2003-0863 Information

Description

The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.

Reference

http://marc.info/?l=bugtraq&m=105839111204227