Launchpad CVE tracker

CVE 2008-5658

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.

Related bugs and status

CVE-2008-5658 (Candidate) is related to these bugs:

Bug #286851: CVE-2008-3658,2008-3659,2008-3660

		In	Importance	Status
286851	CVE-2008-3658,2008-3659,2008-3660	php5 (Ubuntu)	Undecided	Fix Released
286851	CVE-2008-3658,2008-3659,2008-3660	Debian	Unknown	Fix Released
286851	CVE-2008-3658,2008-3659,2008-3660	php5 (Ubuntu Hardy)	Undecided	Fix Released

Bug #317672: CVE-2008-5557: heap overflows in the mbstring extension

Summary				In	Importance	Status
	317672	CVE-2008-5557: heap overflows in the mbstring extension		php5 (Ubuntu)	Undecided	Fix Released
	317672	CVE-2008-5557: heap overflows in the mbstring extension		php5 (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2008120...
MISC: http://www.sektioneins...
CONFIRM: http://www.php.net/Cha...
BID: 32625
SECTRACK: 1021303
SUSE: SUSE-SR:2009:004
MANDRIVA: MDVSA-2009:045
CONFIRM: http://wiki.rpath.com/...
BUGTRAQ: 20081204 Advisory 06/2...
OSVDB: 50480
REDHAT: RHSA-2009:0350
DEBIAN: DSA-1789
SECUNIA: 35003
FEDORA: FEDORA-2009-3768
FEDORA: FEDORA-2009-3848
SECUNIA: 35306
SECUNIA: 35650
HP: HPSBUX02431
HP: SSRT090085
HP: HPSBUX02465
HP: SSRT090192
XF: php-ziparchive-directo...
BUGTRAQ: 20090302 rPSA-2009-003...

Launchpad.net

CVE 2008-5658

Related bugs and status

Related bugs

References