CVE-2011-1144

2011-03-0301:00:00

CWE-59

[email protected]

web.nvd.nist.gov

installer

pear

symlink attack

cve-2011-1144

security vulnerability

local users

arbitrary files

nvd

incomplete fix

8.6 High

AI Score

Confidence

High

3.3 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

14.3%

JSON

The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1072.

CPENameOperatorVersion
php:pearphp peareq0.9
php:pearphp peareq1.3.4
php:pearphp peareq1.2.1
php:pearphp pearle1.9.2
php:pearphp peareq1.3.3.1
php:pearphp peareq1.4.2
php:pearphp peareq1.0.1
php:pearphp peareq1.0
php:pearphp peareq1.2
php:pearphp peareq1.5.0

CPE	Name	Operator	Version
php:pear	php pear	eq	0.9
php:pear	php pear	eq	1.3.4
php:pear	php pear	eq	1.2.1
php:pear	php pear	le	1.9.2
php:pear	php pear	eq	1.3.3.1
php:pear	php pear	eq	1.4.2
php:pear	php pear	eq	1.0.1
php:pear	php pear	eq	1.0
php:pear	php pear	eq	1.2
php:pear	php pear	eq	1.5.0