Total vulnerabilities in the database
The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
| Software | From | Fixed in |
|---|---|---|
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
| redhat / enterprise_linux_server | 7.0 | 7.0.x |
| redhat / enterprise_linux_hpc_node | 7.0 | 7.0.x |
| redhat / enterprise_linux_server_eus | 7.1 | 7.1.x |
| redhat / enterprise_linux_hpc_node_eus | 7.1 | 7.1.x |
| apple / mac_os_x | - | 10.10.5.x |
| opensuse / opensuse | 13.1 | 13.1.x |
| opensuse / opensuse | 13.2 | 13.2.x |
| php / php | 5.6.1 | 5.6.1.x |
| php / php | 5.5.0-alpha1 | 5.5.0-alpha1.x |
| php / php | 5.6.0-alpha5 | 5.6.0-alpha5.x |
| php / php | 5.6.5 | 5.6.5.x |
| php / php | 5.5.0-alpha3 | 5.5.0-alpha3.x |
| php / php | 5.5.19 | 5.5.19.x |
| php / php | 5.5.0-beta3 | 5.5.0-beta3.x |
| php / php | 5.5.0 | 5.5.0.x |
| php / php | 5.5.16 | 5.5.16.x |
| php / php | 5.6.0-beta2 | 5.6.0-beta2.x |
| php / php | 5.6.0-beta1 | 5.6.0-beta1.x |
| php / php | 5.5.1 | 5.5.1.x |
| php / php | 5.5.5 | 5.5.5.x |
| php / php | 5.6.4 | 5.6.4.x |
| php / php | 5.5.21 | 5.5.21.x |
| php / php | 5.6.6 | 5.6.6.x |
| php / php | 5.5.17 | 5.5.17.x |
| php / php | 5.6.0-alpha3 | 5.6.0-alpha3.x |
| php / php | 5.5.14 | 5.5.14.x |
| php / php | 5.5.7 | 5.5.7.x |
| php / php | 5.5.0-beta1 | 5.5.0-beta1.x |
| php / php | 5.6.2 | 5.6.2.x |
| php / php | 5.5.12 | 5.5.12.x |
| php / php | - | 5.4.38.x |
| php / php | 5.6.0-beta3 | 5.6.0-beta3.x |
| php / php | 5.5.6 | 5.5.6.x |
| php / php | 5.5.0-rc1 | 5.5.0-rc1.x |
| php / php | 5.5.0-beta4 | 5.5.0-beta4.x |
| php / php | 5.5.3 | 5.5.3.x |
| php / php | 5.5.8 | 5.5.8.x |
| php / php | 5.6.0-beta4 | 5.6.0-beta4.x |
| php / php | 5.5.0-alpha6 | 5.5.0-alpha6.x |
| php / php | 5.5.0-beta2 | 5.5.0-beta2.x |
| php / php | 5.5.15 | 5.5.15.x |
| php / php | 5.5.11 | 5.5.11.x |
| php / php | 5.5.13 | 5.5.13.x |
| php / php | 5.6.0-alpha2 | 5.6.0-alpha2.x |
| php / php | 5.5.4 | 5.5.4.x |
| php / php | 5.5.0-alpha4 | 5.5.0-alpha4.x |
| php / php | 5.6.0-alpha1 | 5.6.0-alpha1.x |
| php / php | 5.5.10 | 5.5.10.x |
| php / php | 5.6.3 | 5.6.3.x |
| php / php | 5.5.0-alpha5 | 5.5.0-alpha5.x |
| php / php | 5.5.22 | 5.5.22.x |
| php / php | 5.5.18 | 5.5.18.x |
| php / php | 5.5.0-alpha2 | 5.5.0-alpha2.x |
| php / php | 5.5.20 | 5.5.20.x |
| php / php | 5.6.0-alpha4 | 5.6.0-alpha4.x |
| php / php | 5.5.2 | 5.5.2.x |
| php / php | 5.5.0-rc2 | 5.5.0-rc2.x |
| php / php | 5.5.9 | 5.5.9.x |