3 matches found
CVE-2009-5054
Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations...
CVE-2009-5054
Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations...
CVE-2009-5054
Smarty before 3.0.0 beta 4 does not consider the umask value when setting file permissions, which may allow bypass of intended access restrictions via standard filesystem operations. Affected component: Smarty (PHP template engine). Root cause: permissions are assigned without regard to umask, en...