CVE-2011-2202

Priority
Description
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7
does not properly restrict filenames in multipart/form-data POST requests,
which allows remote attackers to conduct absolute path traversal attacks,
and possibly create or overwrite arbitrary files, via a crafted upload
request, related to a "file path injection vulnerability."
Assigned-to
sbeattie
Notes
mdeslaur> PoC: http://pastebin.com/1edSuSVN
Package
Source: php5 (LP Ubuntu Debian)
Upstream: released (5.3.6-12)
Patches:
Upstream: http://svn.php.net/viewvc?view=revision&revision=312103
Debdiff: https://launchpad.net/bugs/813115
Updated: 2020-03-18 22:06:27 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)