[原文]PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to the escapeshellcmd function, or (2) the "%" character to the escapeshellarg function.
PHP contains a flaw that may allow a malicious user to bypass security restriction. The issue is due to an input validation error in the escapeshellcmd() routine. The escapeshellcmd() routine fails to filter the characters "%|>", allowing a remote attacker to access environment variables, redirect output and execute arbitrary commands. The flaw will result in a loss of confidentiality and integrity.
Upgrade to version 4.3.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.