Security bypass vulnerability in PHP before 5.3.7ID: oval:org.secpod.oval:def:1350 | Date: (C)2011-06-27 (M)2022-11-29 |
Class: VULNERABILITY | Family: windows |
The host is installed with PHP and is prone to security bypass vulnerability. A flaw in present in SAPI_POST_HANDLER_FUNC() in rfc1867.c, which fails to filter user-supplied file path names when filling the $_FILES[] array. Successful exploitation could allow remote attackers to submit a specially crafted multipart/form-data form to cause the target server to overwrite an arbitrary file in the root directory of the server with the privileges of the web service.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows 8 |