PT-2010-4822 · Php · Php

Published

2010-11-08

Updated

2024-06-15

CVE-2010-3436

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions PHP versions 5.3.x through 5.3.3

Description The issue allows remote attackers to bypass open basedir restrictions via vectors related to the length of a filename. This is related to the fopen wrappers.c in PHP.

Recommendations For PHP versions 5.3.x through 5.3.3, consider updating to a version where this issue is resolved, as the current version may allow remote attackers to bypass security restrictions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2010-3436

OPENSUSE-SU-2024:10290-1

OPENSUSE-SU-2024:10344-1

OPENSUSE-SU-2024:11169-1

Affected Products

Php

PT-2010-4822 · Php · Php

CVE-2010-3436

Weakness Enumeration

Related Identifiers

Affected Products

References · 140