CVE-2009-3558

Priority
Description
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and
5.3.x before 5.3.1 allows context-dependent attackers to bypass
open_basedir restrictions, and create FIFO files, via the pathname and mode
arguments, as demonstrated by creating a .htaccess file.
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.3.1)
Patches:
Upstream:http://svn.php.net/viewvc?view=revision&revision=288943
More Information

Updated: 2019-03-19 11:51:01 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)