QwikSec

Security Database

CVE

CWE

Training

CVE-2015-2348

Published: Mar 30, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_HP

http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1291d6bbee93b6109eb07e8f7916ff1b7fcc13e1

x_refsource_CONFIRM

APPLE-SA-2015-09-30-3

vendor-advisory

x_refsource_APPLE

vendor-advisory

x_refsource_HP

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

x_refsource_CONFIRM

http://php.net/ChangeLog-5.php

x_refsource_CONFIRM

SUSE-SU-2015:0868

vendor-advisory

x_refsource_SUSE

https://support.apple.com/HT205267

x_refsource_CONFIRM

https://bugs.php.net/bug.php?id=69207

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2015:0684

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_GENTOO

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2015-2348 - Security Vulnerability | QwikSec