CVE-2009-3557

Priority
Description
The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x
before 5.3.1 allows context-dependent attackers to bypass safe_mode
restrictions, and create files in group-writable or world-writable
directories, via the dir and prefix arguments.
Notes
 mdeslaur> safe_mode is not supported
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.3.1)
Patches:
Upstream:http://svn.php.net/viewvc?view=revision&revision=288945
More Information

Updated: 2019-03-19 11:51:00 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)