Description

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

Remediation

References

CVE-2010-1129

Related Vulnerabilities

Oracle HTTP Server CVE-2021-35666 Vulnerability (CVE-2021-35666)

Atlassian Jira Missing Authorization Vulnerability (CVE-2019-3399)

Angular Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3745)

ZenCart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4403)

Severity

High

Classification

CVE-2010-1129 CWE-20

Tags

Missing Update Known Vulnerabilities