From https://secunia.com/advisories/51372/ : Description A vulnerability has been reported in Symfony, which can be exploited by malicious people to disclose certain sensitive information. Certain unspecified input is not properly verified before being used to read files. This can be exploited to disclose the content of arbitrary files via a specially crafted upload request. Successful exploitation requires that a form containing a file upload field is used. The vulnerability is reported in versions prior to 1.4.20. Solution Update to version 1.4.20.
*** This bug has been marked as a duplicate of bug 444696 ***