Lucene search

[email protected]CVE-2015-2348

HistoryMar 30, 2015 - 10:59 a.m.

CVE-2015-2348

2015-03-3010:59:14

CWE-264

[email protected]

web.nvd.nist.gov

cve

php

security

vulnerability

bypass

remote attackers

extension restrictions

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.4 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.0%

JSON

The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.

Affected configurations

NVD

Node

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_hpc_nodeMatch7.0

redhatenterprise_linux_hpc_node_eusMatch7.1

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_server_eusMatch7.1

redhatenterprise_linux_workstationMatch7.0

Node

applemac_os_xRange≤10.10.5

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

Node

phpphpRange≤5.4.38

phpphpMatch5.5.0

phpphpMatch5.5.0alpha1

phpphpMatch5.5.0alpha2

phpphpMatch5.5.0alpha3

phpphpMatch5.5.0alpha4

phpphpMatch5.5.0alpha5

phpphpMatch5.5.0alpha6

phpphpMatch5.5.0beta1

phpphpMatch5.5.0beta2

phpphpMatch5.5.0beta3

phpphpMatch5.5.0beta4

phpphpMatch5.5.0rc1

phpphpMatch5.5.0rc2

phpphpMatch5.5.1

phpphpMatch5.5.2

phpphpMatch5.5.3

phpphpMatch5.5.4

phpphpMatch5.5.5

phpphpMatch5.5.6

phpphpMatch5.5.7

phpphpMatch5.5.8

phpphpMatch5.5.9

phpphpMatch5.5.10

phpphpMatch5.5.11

phpphpMatch5.5.12

phpphpMatch5.5.13

phpphpMatch5.5.14

phpphpMatch5.5.15

phpphpMatch5.5.16

phpphpMatch5.5.17

phpphpMatch5.5.18

phpphpMatch5.5.19

phpphpMatch5.5.20

phpphpMatch5.5.21

phpphpMatch5.5.22

phpphpMatch5.6.0alpha1

phpphpMatch5.6.0alpha2

phpphpMatch5.6.0alpha3

phpphpMatch5.6.0alpha4

phpphpMatch5.6.0alpha5

phpphpMatch5.6.0beta1

phpphpMatch5.6.0beta2

phpphpMatch5.6.0beta3

phpphpMatch5.6.0beta4

phpphpMatch5.6.1

phpphpMatch5.6.2

phpphpMatch5.6.3

phpphpMatch5.6.4

phpphpMatch5.6.5

phpphpMatch5.6.6

CPENameOperatorVersion
redhat:enterprise_linux_desktopredhat enterprise linux desktopeq7.0
redhat:enterprise_linux_hpc_noderedhat enterprise linux hpc nodeeq7.0
redhat:enterprise_linux_hpc_node_eusredhat enterprise linux hpc node euseq7.1
redhat:enterprise_linux_serverredhat enterprise linux servereq7.0
redhat:enterprise_linux_server_eusredhat enterprise linux server euseq7.1
redhat:enterprise_linux_workstationredhat enterprise linux workstationeq7.0

CPE	Name	Operator	Version
redhat:enterprise_linux_desktop	redhat enterprise linux desktop	eq	7.0
redhat:enterprise_linux_hpc_node	redhat enterprise linux hpc node	eq	7.0
redhat:enterprise_linux_hpc_node_eus	redhat enterprise linux hpc node eus	eq	7.1
redhat:enterprise_linux_server	redhat enterprise linux server	eq	7.0
redhat:enterprise_linux_server_eus	redhat enterprise linux server eus	eq	7.1
redhat:enterprise_linux_workstation	redhat enterprise linux workstation	eq	7.0