{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-02T00:00:00", "descriptions": [{"lang": "en", "value": "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2015:1187", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"}, {"name": "1032709", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032709"}, {"name": "RHSA-2015:1186", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.php.net/bug.php?id=69353"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://php.net/ChangeLog-5.php"}, {"name": "RHSA-2015:1135", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"}, {"name": "75250", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/75250"}, {"name": "RHSA-2015:1218", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-3412", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2015:1187", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"}, {"name": "1032709", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032709"}, {"name": "RHSA-2015:1186", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"}, {"name": "https://bugs.php.net/bug.php?id=69353", "refsource": "CONFIRM", "url": "https://bugs.php.net/bug.php?id=69353"}, {"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257", "refsource": "CONFIRM", "url": "http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257"}, {"name": "http://php.net/ChangeLog-5.php", "refsource": "CONFIRM", "url": "http://php.net/ChangeLog-5.php"}, {"name": "RHSA-2015:1135", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"}, {"name": "75250", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75250"}, {"name": "RHSA-2015:1218", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:47:57.712Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2015:1187", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"}, {"name": "1032709", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1032709"}, {"name": "RHSA-2015:1186", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.php.net/bug.php?id=69353"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://php.net/ChangeLog-5.php"}, {"name": "RHSA-2015:1135", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"}, {"name": "75250", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/75250"}, {"name": "RHSA-2015:1218", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-3412", "datePublished": "2016-05-16T10:00:00", "dateReserved": "2015-04-24T00:00:00", "dateUpdated": "2024-08-06T05:47:57.712Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "1228E622-0524-4254-BA07-6EED39637EA4", "versionEndIncluding": "5.4.39", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", "matchCriteriaId": "840EE3AC-5293-4F33-9E2C-96A0A2534B02", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", "matchCriteriaId": "1C0FC407-96DB-425E-BB57-7A5BA839C37F", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", "matchCriteriaId": "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", "matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", "matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", "matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", "matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", "matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", "matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "CE65D0D4-CB56-4946-AB44-2EF554602A96", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension."}, {"lang": "es", "value": "PHP en versiones anteriores a 5.5.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 no asegura que los nombres de ruta carezcan de secuencia %00, lo que permite a atacantes remotos leer archivos arbitrarios a trav\u00e9s de una entrada manipulada que llama a la funci\u00f3n stream_resolve_include_path en ext/standard/streamsfuncs.c, como se demuestra con un ataque filename\\0.extension que eluce una configuraci\u00f3n deseada en la que los usuarios cliente pueden leer archivos con s\u00f3lo una extensi\u00f3n espec\u00edfica."}], "id": "CVE-2015-3412", "lastModified": "2023-11-07T02:25:37.800", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-05-16T10:59:03.423", "references": [{"source": "cve@mitre.org", "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://php.net/ChangeLog-5.php"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"}, {"source": "cve@mitre.org", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/75250"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1032709"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://bugs.php.net/bug.php?id=69353"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-254"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2015:1218", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "php-0:5.3.3-46.el6_6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-07-09T00:00:00Z"}, {"advisory": "RHSA-2015:1135", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "php-0:5.4.16-36.ael7b_1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-06-23T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php54-0:2.0-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php54-php-0:5.4.40-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php54-php-pecl-zendopcache-0:7.0.4-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1186", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php55-php-0:5.5.21-4.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-25T00:00:00Z"}, {"advisory": "RHSA-2015:1187", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-php56-php-0:5.6.5-7.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-25T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php54-0:2.0-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php54-php-0:5.4.40-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php54-php-pecl-zendopcache-0:7.0.4-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1186", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php55-php-0:5.5.21-4.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-25T00:00:00Z"}, {"advisory": "RHSA-2015:1187", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-php56-php-0:5.6.5-7.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-25T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php54-0:2.0-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php54-php-0:5.4.40-1.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php54-php-pecl-zendopcache-0:7.0.4-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1186", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "php55-php-0:5.5.21-4.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-25T00:00:00Z"}, {"advisory": "RHSA-2015:1187", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-php56-php-0:5.6.5-7.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-25T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "php54-0:2.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "php54-php-0:5.4.40-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1066", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "php54-php-pecl-zendopcache-0:7.0.4-3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1186", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "php55-php-0:5.5.21-4.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-25T00:00:00Z"}, {"advisory": "RHSA-2015:1187", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-php56-php-0:5.6.5-7.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-25T00:00:00Z"}, {"advisory": "RHSA-2015:1186", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "php55-php-0:5.5.21-4.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2015-06-25T00:00:00Z"}, {"advisory": "RHSA-2015:1187", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-php56-php-0:5.6.5-7.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS", "release_date": "2015-06-25T00:00:00Z"}], "bugzilla": {"description": "php: missing null byte checks for paths in various PHP extensions", "id": "1232823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232823"}, "csaw": false, "cvss": {"cvss_base_score": "4.0", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "status": "verified"}, "cwe": "CWE-626", "details": ["PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.", "It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions."], "name": "CVE-2015-3412", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "php", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "php53", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:1", "fix_state": "Affected", "package_name": "php54-php", "product_name": "Red Hat Software Collections"}], "public_date": "2015-04-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-3412\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-3412"], "threat_severity": "Moderate", "upstream_fix": "php 5.4.40, php 5.5.24, php 5.6.8"}