Description
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function.

| Release | Status | Note |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 5.3.5-1ubuntu1 |
| hardy | ignored | end of life |
| karmic | released | 5.2.10.dfsg.1-2ubuntu6.9 |
| lucid | released | 5.3.2-1ubuntu4.8 |
| maverick | released | 5.3.3-1ubuntu9.4 |
| natty | not-affected | 5.3.5-1ubuntu1 |
| oneiric | not-affected | 5.3.5-1ubuntu1 |
| upstream | released | 5.3.4 |

CVSS2: 5 Medium

Related vulnerabilities
Vulnerability in the file_exists function of the PHP programming language interpreter that allows an attacker to bypass existing security restrictions