Name | CVE-2007-5900 |
Description | PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Apparently a dupe of CVE-2007-4659 due to temporary revoke of the patch
from CVS and later re-introduction
https://bugs.php.net/bug.php?id=41561