Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-5658
HistoryDec 17, 2008 - 8:30 p.m.

CVE-2008-5658

2008-12-1720:30:00
CWE-22
[email protected]
web.nvd.nist.gov
108
cve
2008-5658
directory traversal
php
ziparchive
extractto
vulnerability
nvd

6.1 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains … (dot dot) sequences.

References

Related

veracode 1
ubuntucve 2
prion 1
nessus 12
openvas 29
osv 2
debian 3
redhat 1
fedora 4
ubuntu 1
gentoo 1
veracode
veracode
Directory Traversal
2020-04-10 00:31:23
ubuntucve
ubuntucve
CVE-2008-5658
2008-12-17 00:00:00
CVE-2009-1272
2009-04-08 00:00:00
prion
prion
Directory traversal
2008-12-17 20:30:00
nessus
nessus
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 5909)
2009-09-24 00:00:00
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-441)
2009-07-21 00:00:00
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-441)
2009-07-21 00:00:00
openvas
openvas
SLES10: Security update for PHP5
2009-10-13 00:00:00
SLES10: Security update for PHP5
2009-10-13 00:00:00
PHP Security Bypass and File Writing Vulnerability (Dec 2008)
2008-12-26 00:00:00
osv
osv
php5 - multiple issues
2009-11-25 00:00:00
php5 - several vulnerabilities
2009-05-04 00:00:00
debian
debian
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
[SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities
2009-05-04 20:57:57
redhat
redhat
(RHSA-2009:0350) Moderate: php security update
2009-04-14 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: maniadrive-1.2-13.fc10
2009-05-30 02:34:40
[SECURITY] Fedora 10 Update: php-5.2.9-2.fc10
2009-05-30 02:34:40
[SECURITY] Fedora 9 Update: php-5.2.9-2.fc9
2009-05-30 02:38:47
ubuntu
ubuntu
PHP vulnerabilities
2009-02-12 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2010-01-05 00:00:00

6.1 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON
Related for CVE-2008-5658
veracode1ubuntucve2prion1nessus12openvas29osv2debian3redhat1fedora4ubuntu1gentoo1