Security Advisory

CVE-2009-3558

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-11-23 17:00:00

Last updated 2024-08-07 06:31:10

Assigner redhat

State PUBLISHED

Description

The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.

← Browse all CVEs View on cve.org ↗