Описание
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Application Stack v2 for Enterprise Linux | php | Will not fix | ||
| Red Hat Enterprise Linux 4 | php | Will not fix | ||
| Red Hat Enterprise Linux 5 | php53 | Fixed | RHSA-2013:1307 | 30.09.2013 |
| Red Hat Enterprise Linux 5 | php | Fixed | RHSA-2014:0311 | 18.03.2014 |
| Red Hat Enterprise Linux 6 | php | Fixed | RHSA-2013:1615 | 20.11.2013 |
Показывать по
Дополнительная информация
Статус:
EPSS
4 Medium
CVSS2
Связанные уязвимости
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function.
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function.
PHP before 5.3.4 accepts the \0 character in a pathname, which might a ...
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function.
Уязвимость функции file_exists интерпретатора языка программирования PHP, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
4 Medium
CVSS2