PublicDateAtUSN: 2015-06-09
Candidate: CVE-2015-4025
PublicDate: 2015-06-09 18:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4025
 https://ubuntu.com/security/notices/USN-2658-1
Description:
 PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a
 pathname upon encountering a \x00 character in certain situations, which
 allows remote attackers to bypass intended extension restrictions and
 access files or directories with unexpected names via a crafted argument to
 (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink.  NOTE: this
 vulnerability exists because of an incomplete fix for CVE-2006-7243.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.php.net/bug.php?id=69418
Priority: low
Discovered-by: Tomas Hoger
Assigned-to: mdeslaur
CVSS: 

Patches_php5:
 upstream: http://git.php.net/?p=php-src.git;a=commit;h=be9b2a95adb504abd5acdc092d770444ad6f6854 (5.4-5.6)
 upstream: http://git.php.net/?p=php-src.git;a=commit;h=634aa0a2dbf8ec5e6fabb4ee01c6d1355ba7ee67 (5.4-5.6)
upstream_php5: released (5.4.41,5.5.25,5.6.9)
precise_php5: released (5.3.10-1ubuntu3.19)
trusty_php5: released (5.5.9+dfsg-1ubuntu4.11)
trusty/esm_php5: released (5.5.9+dfsg-1ubuntu4.11)
utopic_php5: released (5.5.12+dfsg-2ubuntu4.6)
vivid_php5: released (5.6.4+dfsg-4ubuntu6.2)
devel_php5: released (5.6.9+dfsg-1ubuntu1)