CVE-2010-1129

Published: 26/03/2010 Updated: 31/08/2010
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The safe_mode implementation in PHP prior to 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent malicious users to bypass intended access restrictions via vectors related to use of the tempnam function.

Vulnerable Product

php php 5.2.5

php php 5.2.6

php php 5.2.0

php php 5.2.7

php php 5.2.8

php php 5.2.9

php php 5.2.3

php php 5.2.4

php php 5.2.12

php php 5.2.1

php php 5.2.2

php php 5.2.10

php php 5.2.11

Vendor Advisories

Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. An attacker could exploit this issue to cause the PHP server to crash, resulting in a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397) ...