CVE-2011-1072

The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:N/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
VendorProductVersion
phppear
𝑥
≤ 1.9.1
phppear
0.2.2
phppear
0.9
phppear
0.10
phppear
0.11
phppear
0.90
phppear
1.0
phppear
1.0.1
phppear
1.1
phppear
1.2
phppear
1.2.1
phppear
1.3
phppear
1.3.1
phppear
1.3.3
phppear
1.3.3.1
phppear
1.3.4
phppear
1.3.5
phppear
1.3.6
phppear
1.4.0
phppear
1.4.0:rc1
phppear
1.4.0:rc2
phppear
1.4.1
phppear
1.4.2
phppear
1.5.0
phppear
1.5.1
phppear
1.6.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
php5
natty
not-affected
maverick
Fixed 5.3.3-1ubuntu9.4
released
lucid
Fixed 5.3.2-1ubuntu4.8
released
karmic
Fixed 5.2.10.dfsg.1-2ubuntu6.9
released
hardy
Fixed 5.2.4-2ubuntu5.15
released
dapper
Fixed 5.1.2-1ubuntu3.22
released
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546164
http://news.php.net/php.pear.cvs/61264
http://openwall.com/lists/oss-security/2011/02/28/12
http://openwall.com/lists/oss-security/2011/02/28/3
http://openwall.com/lists/oss-security/2011/02/28/5
http://openwall.com/lists/oss-security/2011/03/01/4
http://openwall.com/lists/oss-security/2011/03/01/5
http://openwall.com/lists/oss-security/2011/03/01/7
http://openwall.com/lists/oss-security/2011/03/01/8
http://openwall.com/lists/oss-security/2011/03/01/9
http://pear.php.net/advisory-20110228.txt
http://pear.php.net/bugs/bug.php?id=18056
http://secunia.com/advisories/43533
http://security-tracker.debian.org/tracker/CVE-2011-1072
http://svn.php.net/viewvc?view=revision&revision=308687
http://www.mandriva.com/security/advisories?name=MDVSA-2011:187
http://www.redhat.com/support/errata/RHSA-2011-1741.html
http://www.securityfocus.com/bid/46605
https://exchange.xforce.ibmcloud.com/vulnerabilities/65721
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546164
http://news.php.net/php.pear.cvs/61264
http://openwall.com/lists/oss-security/2011/02/28/12
http://openwall.com/lists/oss-security/2011/02/28/3
http://openwall.com/lists/oss-security/2011/02/28/5
http://openwall.com/lists/oss-security/2011/03/01/4
http://openwall.com/lists/oss-security/2011/03/01/5
http://openwall.com/lists/oss-security/2011/03/01/7
http://openwall.com/lists/oss-security/2011/03/01/8
http://openwall.com/lists/oss-security/2011/03/01/9
http://pear.php.net/advisory-20110228.txt
http://pear.php.net/bugs/bug.php?id=18056
http://secunia.com/advisories/43533
http://security-tracker.debian.org/tracker/CVE-2011-1072
http://svn.php.net/viewvc?view=revision&revision=308687
http://www.mandriva.com/security/advisories?name=MDVSA-2011:187
http://www.redhat.com/support/errata/RHSA-2011-1741.html
http://www.securityfocus.com/bid/46605
https://exchange.xforce.ibmcloud.com/vulnerabilities/65721