Mandriva Linux Security Advisory 2009-188 – encoder.php in eAccelerator allows remote attackers to execute arbitrary code by copying a local executable file to a location under the web root via the -o option, and then making a direct request to this file, related to upload of image files. Additionally to addressing the security issue this update also provides php4-eaccelerator 0.9.5.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/79955/MDVSA-2009-188.txt
Source: https://packetstormsecurity.com/files/79955/Mandriva-Linux-Security-Advisory-2009-188.html