CVE-2014-3981

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.

CVSS v2.0 3.3 LOW

3.3^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:M/Au:N/C:N/I:P/A:P

Exploitability : 3.4 / Impact : 4.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=91bcadd85e20e50d3f8c2e9721327681640e6f16
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html	Mailing List
http://marc.info/?l=bugtraq&m=141017844705317&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141390017113542&w=2	Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2014/06/06/12	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Jun/21	Mailing List Third Party Advisory
http://support.apple.com/kb/HT6443	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21683486	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html	Third Party Advisory
https://bugs.php.net/bug.php?id=67390	Patch Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1104978	Issue Tracking Third Party Advisory
https://support.apple.com/HT204659	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::

History

07 Nov 2023, 02:20

Type	Values Removed	Values Added
References	{'url': 'http://git.php.net/?p=php-src.git;a=commit;h=91bcadd85e20e50d3f8c2e9721327681640e6f16', 'name': 'http://git.php.net/?p=php-src.git;a=commit;h=91bcadd85e20e50d3f8c2e9721327681640e6f16', 'tags': ['Patch', 'Vendor Advisory'], 'refsource': 'CONFIRM'}	() http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=91bcadd85e20e50d3f8c2e9721327681640e6f16 -

Information

Published : 2014-06-08 18:55

Updated : 2024-02-28 12:20

NVD link : CVE-2014-3981

Mitre link : CVE-2014-3981

CVE.ORG link : CVE-2014-3981

JSON object : View

Products Affected

php

php

CWE

CWE-59

Improper Link Resolution Before File Access ('Link Following')

{"id": "CVE-2014-3981", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-06-08T18:55:06.030", "references": [{"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=91bcadd85e20e50d3f8c2e9721327681640e6f16", "source": "cve@mitre.org"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "tags": ["Mailing List"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=141390017113542&w=2", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://openwall.com/lists/oss-security/2014/06/06/12", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2014/Jun/21", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.apple.com/kb/HT6443", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683486", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://bugs.php.net/bug.php?id=67390", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104978", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/HT204659", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-59"}]}], "descriptions": [{"lang": "en", "value": "acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file."}, {"lang": "es", "value": "acinclude.m4, utilizado en la secuencia de comandos de configuraci\u00f3n en PHP 5.5.13 y anteriores, permite a usuarios locales sobrescribir archivos arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre el archivo /tmp/phpglibccheck."}], "lastModified": "2023-11-07T02:20:21.543", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "388E0CDF-737F-437E-B4D9-1001E0651387", "versionEndExcluding": "5.3.29"}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD052020-AA37-4F49-A0FE-EA99616C12C7", "versionEndExcluding": "5.4.30", "versionStartIncluding": "5.4.0"}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4ADC6057-9D35-4D87-B15D-F6F52A283464", "versionEndExcluding": "5.5.14", "versionStartIncluding": "5.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}