Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-1129

Опубликовано: 26 мар. 2010
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*

EPSS

Процентиль: 82%
0.01859
Низкий

7.5 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu
больше 15 лет назад

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

redhat
больше 15 лет назад

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

debian
больше 15 лет назад

The safe_mode implementation in PHP before 5.2.13 does not properly ha ...

github
около 3 лет назад

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

EPSS

Процентиль: 82%
0.01859
Низкий

7.5 High

CVSS2

Дефекты

CWE-20