Lucene search
MitreCVELIST:CVE-2011-1144HistoryMar 03, 2011 - 12:00 a.m.
CVE-2011-1144
2011-03-0300:00:00
mitre
www.cve.org
5
The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1072.
References
openwall.com/lists/oss-security/2011/02/28/5
openwall.com/lists/oss-security/2011/03/01/4
openwall.com/lists/oss-security/2011/03/01/5
openwall.com/lists/oss-security/2011/03/01/7
openwall.com/lists/oss-security/2011/03/01/8
openwall.com/lists/oss-security/2011/03/01/9
pear.php.net/bugs/bug.php?id=18056
exchange.xforce.ibmcloud.com/vulnerabilities/65911
Related
nvd
nvd
CVE-2011-1144
2011-03-03 01:00:01
CVE-2011-1072
2011-03-03 01:00:01
cve
cve
CVE-2011-1144
2011-03-03 01:00:01
CVE-2011-1072
2011-03-03 01:00:01
ubuntucve
ubuntucve
CVE-2011-1144
2011-03-02 00:00:00
CVE-2011-1072
2011-03-02 00:00:00
prion
prion
Design/Logic Flaw
2011-03-03 01:00:00
Design/Logic Flaw
2011-03-03 01:00:00
openvas
openvas
RedHat Update for php-pear RHSA-2011:1741-03
2012-07-09 00:00:00
Oracle: Security Advisory (ELSA-2011-1741)
2015-10-06 00:00:00
RedHat Update for php-pear RHSA-2011:1741-03
2012-07-09 00:00:00
nessus
nessus
Scientific Linux Security Update : php-pear on SL6.x
2012-08-01 00:00:00
RHEL 6 : php-pear (RHSA-2011:1741)
2011-12-06 00:00:00
Mandriva Linux Security Advisory : php-pear (MDVSA-2011:187)
2011-12-16 00:00:00
oraclelinux
oraclelinux
php-pear security and bug fix update
2011-12-14 00:00:00
veracode
veracode
Symlink Attack
2020-04-10 01:05:49
redhat
redhat
(RHSA-2011:1741) Low: php-pear security and bug fix update
2011-12-06 00:00:00
cvelist
cvelist
CVE-2011-1072
2011-03-03 00:00:00
ubuntu
ubuntu
PHP Regressions
2011-05-05 00:00:00
PHP vulnerabilities
2011-04-29 00:00:00
securityvulns
securityvulns
[USN-1126-1] PHP vulnerabilities
2011-05-01 00:00:00
PHP multiple security vulnerabilities
2011-05-01 00:00:00
suse
suse
Security update for PHP5 (important)
2012-04-12 23:08:15
Security update for PHP5 (important)
2013-08-16 21:04:11
osv
osv
php5 - several
2012-02-13 00:00:00
debian
debian
[SECURITY] [DSA 2408-1] php5 security update
2012-02-13 18:15:24
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00