- Description
- Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
- Red HatNot vulnerable. The zip extension was not shipped in versions of PHP provided for Red Hat Enterprise Linux 2.1, 3, 4, 5, Stronghold 4.0, or Red Hat Application Stack 1.
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pecl_zip:1.8.3:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E5644BE-E229-41B6-ACBB-C613740A2C6F"
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99"
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3"
}
],
"operator": "OR"
}
]
}
]