{ "id": "CVE-2007-2519", "sourceIdentifier": "cve@mitre.org", "published": "2007-05-22T19:30:00.000", "lastModified": "2024-11-21T00:30:58.697", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in the installer in PEAR 1.0 through 1.5.3 allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the (1) install-as attribute in the file element in package.xml 1.0 or the (2) as attribute in the install element in package.xml 2.0. NOTE: it could be argued that this does not cross privilege boundaries in typical installations, since the code being installed could perform the same actions." }, { "lang": "es", "value": "Vulnerabilidad de salto de directorio en el instalador en PEAR 1.0 hasta 1.5.3 permite a atacantes remotos con la intervenci\u00f3n del usuario sobrescribir archivos de su elecci\u00f3n mediante una secuencia .. (punto punto) en (1) el atributo install-as en el elemento fichero (file) en package.xml 1.0 o (2) el atributo as en el elemento instalaci\u00f3n (install) en package.xml 2.0. NOTA: podr\u00eda argumentarse que esto no cruza los l\u00edmites de privilegios en instalaciones t\u00edpicas, puesto que el c\u00f3digo que est\u00e1 siendo instalado podr\u00eda realizar las mismas acciones." 
} ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "baseScore": 6.8, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "AD16518B-EA90-4989-B59A-9E7C9DF3B877" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0419A76C-2783-41E6-8B9D-984099F42454" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "49ED21D8-425B-4A96-A323-EA19D902571A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "60B41712-9EB6-45F9-B5A3-F01113BE8006" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C2C050D0-D118-4538-B334-BA23ADC21569" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.2b1:*:*:*:*:*:*:*", "matchCriteriaId": "5ECCACD0-E734-491A-965F-0DF48B4BA253" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.2b2:*:*:*:*:*:*:*", "matchCriteriaId": "2EB4E3E0-6414-46F9-BBEB-DE93FBFA550D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.2b3:*:*:*:*:*:*:*", "matchCriteriaId": "28735572-3799-47ED-B8D7-2D7A6562CC8D" }, { "vulnerable": true, "criteria": 
"cpe:2.3:a:php_group:pear:1.2b4:*:*:*:*:*:*:*", "matchCriteriaId": "666E73A5-B149-468B-A2C7-DF1705477297" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.2b5:*:*:*:*:*:*:*", "matchCriteriaId": "FCFA477B-5396-4625-828D-FCBBCA8493FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C6C105BB-1F21-44B6-AE8C-7C33E75CF648" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "375954D3-275B-4120-B833-2A83091013C6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "DBC5456B-C8D4-41EF-9944-1ACE6D04FB16" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "64AE9C03-E7E5-4155-815A-70C160E97F56" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "F3A56EB4-5F2A-4FF9-890A-CA316DE637A5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "7EB4E0C4-D8F6-4C6D-9574-09DBE3C2D68D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "497E6138-C746-44D9-BE46-5713A3AAFD41" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3b1:*:*:*:*:*:*:*", "matchCriteriaId": "2C38F7A3-640C-4383-8707-7D8155CBABAA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3b2:*:*:*:*:*:*:*", "matchCriteriaId": "5B260EFD-C61A-4DFE-B666-8BE84239A692" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3b3:*:*:*:*:*:*:*", "matchCriteriaId": "BA6161A6-E29C-49AF-A4F5-87934C4EEE84" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3b5:*:*:*:*:*:*:*", "matchCriteriaId": "FC1724F9-8A5B-4126-BABC-22E8603C571A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.3b6:*:*:*:*:*:*:*", "matchCriteriaId": "6F7D4EDD-5417-42CE-8E30-59499A34BFCB" }, { "vulnerable": true, 
"criteria": "cpe:2.3:a:php_group:pear:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "BD19B334-3D0C-4008-A5B5-53FE375B4979" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a1:*:*:*:*:*:*:*", "matchCriteriaId": "C9BDB709-3887-454D-B874-AFD5FD620731" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a2:*:*:*:*:*:*:*", "matchCriteriaId": "B228EA68-3CEE-4880-B060-B333F68794F0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a3:*:*:*:*:*:*:*", "matchCriteriaId": "33C10AF9-19B7-4C9F-A489-8C8505D87D49" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a4:*:*:*:*:*:*:*", "matchCriteriaId": "87475278-5B8B-4BE2-9167-46734A435B49" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a5:*:*:*:*:*:*:*", "matchCriteriaId": "207BBE32-3570-4A02-A743-A3A45C2A28DD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a6:*:*:*:*:*:*:*", "matchCriteriaId": "13D06662-08E6-46D8-A05B-9118D795F203" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a7:*:*:*:*:*:*:*", "matchCriteriaId": "6B6D259D-7AC3-4F4A-A855-64FD8FF7E818" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a8:*:*:*:*:*:*:*", "matchCriteriaId": "2C4B6FDA-0165-4268-95BA-915918099733" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a9:*:*:*:*:*:*:*", "matchCriteriaId": "B506B9CE-CE74-410D-BEFE-75BDF738872A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a10:*:*:*:*:*:*:*", "matchCriteriaId": "D96FCB3D-AC46-43D7-A2E7-CB6BFED37167" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a11:*:*:*:*:*:*:*", "matchCriteriaId": "D65E8898-C249-401A-97D4-B4431EC04B00" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0a12:*:*:*:*:*:*:*", "matchCriteriaId": "1299C8A2-FB8D-446E-83AC-C78091D14ACF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0b1:*:*:*:*:*:*:*", "matchCriteriaId": 
"7BFDED6F-D871-4F81-9ADE-D1B6E5A82E61" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0b2:*:*:*:*:*:*:*", "matchCriteriaId": "AF54A7BC-D8EC-4ABC-9552-25BB4D592A93" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0rc1:*:*:*:*:*:*:*", "matchCriteriaId": "516F5E30-AB29-4AEA-B069-8FEBAF288F46" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.0rc2:*:*:*:*:*:*:*", "matchCriteriaId": "0DBDD00D-0D9C-487B-90A0-D61BAB782C88" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "730B3D7E-43AD-4EA6-A3E7-C0424BA61A64" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "AEFECD3A-4669-4D0C-BC51-AA2B635CB3B4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "D1DF4DAD-7129-493B-B7EA-ADA33F734DB6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "13766879-04DA-42A2-B147-31D69430FE19" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "F9ADB86D-0655-4289-8644-4DBF76162CA3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA5C847B-FD77-4CB3-BD64-0BDA3EC17A5D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "7BE65B11-B3F2-4CB1-994B-979EA3885B21" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "BBCE5B14-6A83-44EA-971E-0CEDBBE6203B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3C9A0E25-9DCB-4ABB-8039-D9261A95CA5F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "84069051-338F-4174-9AEB-C41112B2FFF1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.10rc1:*:*:*:*:*:*:*", 
"matchCriteriaId": "3401D8C6-5C42-4F59-AA40-7C5D83551E08" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "7E52E2FA-3A8E-40EF-B57E-ADE9AA9810F7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "36CEB135-9EFD-490E-BEBA-F3FA75098463" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.5.0a1:*:*:*:*:*:*:*", "matchCriteriaId": "05F60E95-5D51-4D06-B4D4-777E78F89D9D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.5.0rc1:*:*:*:*:*:*:*", "matchCriteriaId": "7BB25D31-BD14-4BAB-8D5C-D297F2C61600" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.5.0rc2:*:*:*:*:*:*:*", "matchCriteriaId": "5AEF216F-0ED7-4999-A3A3-285440374773" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.5.0rc3:*:*:*:*:*:*:*", "matchCriteriaId": "B2FF8942-4C67-4674-8DE4-F4948C8FD61D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "03F711A9-EFD7-46A2-B826-19183FBB3FFD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "E8B3F0C6-386E-44B7-85A8-54CE26874384" }, { "vulnerable": true, "criteria": "cpe:2.3:a:php_group:pear:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "FCDED4C0-5733-4322-844D-A2085AFD6CA6" } ] } ] } ], "references": [ { "url": "http://osvdb.org/42108", "source": "cve@mitre.org" }, { "url": "http://pear.php.net/advisory-20070507.txt", "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ] }, { "url": "http://pear.php.net/news/vulnerability2.php", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/25372", "source": "cve@mitre.org" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:110", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/24111", "source": "cve@mitre.org" }, { "url": "http://www.ubuntu.com/usn/usn-462-1", "source": 
"cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2007/1926", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34482", "source": "cve@mitre.org" }, { "url": "http://osvdb.org/42108", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://pear.php.net/advisory-20070507.txt", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ] }, { "url": "http://pear.php.net/news/vulnerability2.php", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/25372", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:110", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/bid/24111", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.ubuntu.com/usn/usn-462-1", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.vupen.com/english/advisories/2007/1926", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34482", "source": "af854a3a-2127-422b-91ae-364da2661108" } ], "vendorComments": [ { "organization": "Red Hat", "comment": "Installation of a PEAR package from an untrusted source could allow malicious code to be installed and potentially executed by the root user. This is true regardless of the existence of this particular bug in the PEAR installer, so the bug would not be treated as security-sensitive. As when handling system RPM packages, the root user must always ensure that any packages installed are from a trusted source and have been packaged correctly.", "lastModified": "2007-05-24T00:00:00" } ] }