Описание
The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 5.1.2-1ubuntu3.17 |
| devel | released | 5.2.11.dfsg.1-2ubuntu1 |
| hardy | released | 5.2.4-2ubuntu5.9 |
| intrepid | released | 5.2.6-2ubuntu4.5 |
| jaunty | released | 5.2.6.dfsg.1-3ubuntu4.4 |
| karmic | released | 5.2.10.dfsg.1-2ubuntu6.3 |
| upstream | released | 5.3.1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.
The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.
The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5 ...
The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.
EPSS
5 Medium
CVSS2