Lucene search

K
f5F5F5:K17212
HistorySep 01, 2015 - 12:00 a.m.

K17212 : PHP vulnerability CVE-2014-5459

2015-09-0100:00:00
my.f5.com
7

6.6 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

24.8%

Security Advisory Description

The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions. (CVE-2014-5459)

Impact

There is no impact; F5 products are not affected by this vulnerability.

6.6 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

24.8%