Ubuntu.comUB:CVE-2011-2202CVE-2011-2202
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.055 Low
EPSS
Percentile
93.1%
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7
does not properly restrict filenames in multipart/form-data POST requests,
which allows remote attackers to conduct absolute path traversal attacks,
and possibly create or overwrite arbitrary files, via a crafted upload
request, related to a “file path injection vulnerability.”
Bugs
- <https://bugs.launchpad.net/ubuntu/oneiric/+source/php5/+bug/813115>
- <http://bugs.php.net/bug.php?id=54939>
Notes
| Author | Note |
|---|---|
| mdeslaur | PoC: http://pastebin.com/1edSuSVN |
Related
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.055 Low
EPSS
Percentile
93.1%