Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2011-0754
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 4.4/10
- Exploit Score
- 3.4/10
- Access Vector
- Local
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 6.4/10
- Confidentiality Impact
- Partial
- Availability Impact
- Partial
- Integrity Impact
- Partial
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:a:php:php:*:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
No
|
- |