exploitDog

CVE-2008-5658

Опубликовано: 04 дек. 2008

Источник: redhat

EPSS Низкий

Описание

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.

Отчет

This issue did not affect PHP versions as shipped in Red Hat Enterprise Linux 2.1, 3, 4, and 5, and Red Hat Application Stack v1.

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2008-5658

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=474824php: ZipArchive:: extractTo() Directory Traversal Vulnerability

EPSS

Процентиль: 69%

0.0062

Низкий

Связанные уязвимости

CVE-2008-5658

ubuntu

больше 16 лет назад

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.

CVE-2008-5658

nvd

больше 16 лет назад

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.

CVE-2008-5658

debian

больше 16 лет назад

Directory traversal vulnerability in the ZipArchive::extractTo functio ...

GHSA-3jwh-q6hx-pvmh

github

около 3 лет назад

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.

EPSS

Процентиль: 69%

0.0062

Низкий