CVE-2014-5120

gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:P

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html
http://php.net/ChangeLog-5.php
http://rhn.redhat.com/errata/RHSA-2014-1327.html
http://rhn.redhat.com/errata/RHSA-2014-1765.html
http://rhn.redhat.com/errata/RHSA-2014-1766.html
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
https://bugs.php.net/bug.php?id=67730	Vendor Advisory
https://support.apple.com/HT204659

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:php:php:5.4.0:::::::*
	cpe:2.3:a:php:php:5.4.0:beta2::::::
	cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::*
	cpe:2.3:a:php:php:5.4.0:rc2::::::
	cpe:2.3:a:php:php:5.4.1:::::::*
	cpe:2.3:a:php:php:5.4.2:::::::*
	cpe:2.3:a:php:php:5.4.3:::::::*
	cpe:2.3:a:php:php:5.4.4:::::::*
	cpe:2.3:a:php:php:5.4.5:::::::*
	cpe:2.3:a:php:php:5.4.6:::::::*
	cpe:2.3:a:php:php:5.4.7:::::::*
	cpe:2.3:a:php:php:5.4.8:::::::*
	cpe:2.3:a:php:php:5.4.9:::::::*
	cpe:2.3:a:php:php:5.4.10:::::::*
	cpe:2.3:a:php:php:5.4.11:::::::*
	cpe:2.3:a:php:php:5.4.12:::::::*
	cpe:2.3:a:php:php:5.4.12:rc1::::::
	cpe:2.3:a:php:php:5.4.12:rc2::::::
	cpe:2.3:a:php:php:5.4.13:::::::*
	cpe:2.3:a:php:php:5.4.13:rc1::::::
	cpe:2.3:a:php:php:5.4.14:::::::*
	cpe:2.3:a:php:php:5.4.14:rc1::::::
	cpe:2.3:a:php:php:5.4.15:::::::*
	cpe:2.3:a:php:php:5.4.15:rc1::::::
	cpe:2.3:a:php:php:5.4.16:rc1::::::
	cpe:2.3:a:php:php:5.4.17:::::::*
	cpe:2.3:a:php:php:5.4.18:::::::*
	cpe:2.3:a:php:php:5.4.19:::::::*
	cpe:2.3:a:php:php:5.4.20:::::::*
	cpe:2.3:a:php:php:5.4.21:::::::*
	cpe:2.3:a:php:php:5.4.22:::::::*
	cpe:2.3:a:php:php:5.4.23:::::::*
	cpe:2.3:a:php:php:5.4.24:::::::*
	cpe:2.3:a:php:php:5.4.25:::::::*
	cpe:2.3:a:php:php:5.4.26:::::::*
	cpe:2.3:a:php:php:5.4.27:::::::*
	cpe:2.3:a:php:php:5.4.28:::::::*
	cpe:2.3:a:php:php:5.4.29:::::::*
	cpe:2.3:a:php:php:5.4.30:::::::*
	cpe:2.3:a:php:php:5.4.31:::::::*
	cpe:2.3:a:php:php:5.5.0:::::::*
	cpe:2.3:a:php:php:5.5.0:alpha1::::::
	cpe:2.3:a:php:php:5.5.0:alpha2::::::
	cpe:2.3:a:php:php:5.5.0:alpha3::::::
	cpe:2.3:a:php:php:5.5.0:alpha4::::::
	cpe:2.3:a:php:php:5.5.0:alpha5::::::
	cpe:2.3:a:php:php:5.5.0:alpha6::::::
	cpe:2.3:a:php:php:5.5.0:beta1::::::
	cpe:2.3:a:php:php:5.5.0:beta2::::::
	cpe:2.3:a:php:php:5.5.0:beta3::::::
	cpe:2.3:a:php:php:5.5.0:beta4::::::
	cpe:2.3:a:php:php:5.5.0:rc1::::::
	cpe:2.3:a:php:php:5.5.0:rc2::::::
	cpe:2.3:a:php:php:5.5.1:::::::*
	cpe:2.3:a:php:php:5.5.2:::::::*
	cpe:2.3:a:php:php:5.5.3:::::::*
	cpe:2.3:a:php:php:5.5.4:::::::*
	cpe:2.3:a:php:php:5.5.5:::::::*
	cpe:2.3:a:php:php:5.5.6:::::::*
	cpe:2.3:a:php:php:5.5.7:::::::*
	cpe:2.3:a:php:php:5.5.8:::::::*
	cpe:2.3:a:php:php:5.5.9:::::::*
	cpe:2.3:a:php:php:5.5.10:::::::*
	cpe:2.3:a:php:php:5.5.11:::::::*
cpe:2.3:a:php:php:5.5.12:::::::*
cpe:2.3:a:php:php:5.5.13:::::::*
cpe:2.3:a:php:php:5.5.14:::::::*
cpe:2.3:a:php:php:5.5.15:::::::*

History

No history.

Information

Published : 2014-08-23 01:55

Updated : 2024-02-28 12:20

NVD link : CVE-2014-5120

Mitre link : CVE-2014-5120

CVE.ORG link : CVE-2014-5120

JSON object : View

Products Affected

php

CWE

CWE-20

Improper Input Validation

6.4 /10