ubuntucve | Ubuntu.com | UB:CVE-2008-5658
Dec 17, 2008 - 12:00 a.m.

CVE-2008-5658


CVSS2: 7.5 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.008 Low
Percentile: 81.4%

Directory traversal vulnerability in the ZipArchive::extractTo function in
PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary
files via a ZIP file with a file whose name contains .. (dot dot)
sequences.

Notes

Author: mdeslaur
Note:
zip is only in php > 5.2.x
apart from these patches, libzip was updated to 0.9.0
not sure if it’s necessary to fix the issue…
seems the issue is not resolved: http://bugs.php.net/bug.php?id=47188
more info:
http://news.php.net/php.internals/42758
http://news.php.net/php.internals/42760
http://news.php.net/php.internals/42762
http://news.php.net/php.internals/42796 (proposed patch)
http://news.php.net/php.internals/42797 (proposed smaller patch)

OS      Version  Architecture  Package  Version               Filename
ubuntu  7.10     noarch        php5     < 5.2.3-1ubuntu6.5    UNKNOWN
ubuntu  8.04     noarch        php5     < 5.2.4-2ubuntu5.5    UNKNOWN
ubuntu  8.10     noarch        php5     < 5.2.6-2ubuntu4.1    UNKNOWN
