Description

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.

Remediation

References

CVE-2014-3981

Related Vulnerabilities

TYPO3 Improper Authentication Vulnerability (CVE-2023-47127)

WordPress Other Vulnerability (CVE-2005-4463)

Internet Information Services Other Vulnerability (CVE-1999-0739)

WordPress Plugin Request a Quote Cross-Site Scripting (2.3.3)

OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-8176)

Severity

Low

Classification

CVE-2014-3981 CWE-59

Tags

Missing Update Known Vulnerabilities