CVE-2015-4598

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.4.42 PHP versions 5.5.x prior to 5.5.26 PHP versions 5.6.x prior to 5.6.10

Description The issue is related to the lack of checking for %00 sequences in path names, which can be exploited by a remote attacker to read or write to arbitrary files. This can be achieved by providing specially crafted input to an application that uses the DOMDocument save method or the GD imagepsloadfont function. For example, an attack using a filename like filename0.html could bypass intended configuration restrictions, such as only allowing clients to write to .html files.

Recommendations For PHP versions prior to 5.4.42, update to version 5.4.42 or later. For PHP versions 5.5.x prior to 5.5.26, update to version 5.5.26 or later. For PHP versions 5.6.x prior to 5.6.10, update to version 5.6.10 or later. As a temporary workaround, consider restricting the use of the DOMDocument save method and the GD imagepsloadfont function until a patch is applied.