ubuntucve | Ubuntu.com | UB:CVE-2006-7243
History: Jan 18, 2011 - 12:00 a.m.

CVE-2006-7243

Tags: php, pathname, access restrictions, file extension, file_exists function

CVSS2: 5

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS: 0.008
Percentile: 82.0%

PHP before 5.3.4 accepts the \0 character in a pathname, which might allow
context-dependent attackers to bypass intended access restrictions by
placing a safe file extension after this character, as demonstrated by
.php\0.jpg at the end of the argument to the file_exists function.

Notes

Author: sbeattie
Note: upstream only prepared a fix for the 5.3 tree. Backporting the fix to 5.2.x requires modifying php APIs.

OS      Version  Architecture  Package  Version                       Filename
ubuntu  9.10     noarch        php5     < 5.2.10.dfsg.1-2ubuntu6.9    UNKNOWN
ubuntu  10.04    noarch        php5     < 5.3.2-1ubuntu4.8            UNKNOWN
ubuntu  10.10    noarch        php5     < 5.3.3-1ubuntu9.4            UNKNOWN
