Description

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.

Remediation

References

CVE-2014-3981

Related Vulnerabilities

WordPress Plugin Gallery-Flagallery Photo Portfolio 'facebook.php' Cross-Site Scripting (1.56)

WordPress Plugin cloudsafe365_for_WP 'file' Parameter Remote File Disclosure (1.46)

WordPress Plugin Wordpress Countdown Widget Cross-Site Scripting (3.1.9.2)

Jboss EAP CVE-2022-4492 Vulnerability (CVE-2022-4492)

WordPress Plugin Custom Searchable Data Entry System Security Bypass (1.7.1)

Severity

Low

Classification

CVE-2014-3981 CWE-59

Tags

Missing Update Known Vulnerabilities