NVD Vulnerability Detail

CVE-2007-2519

Summary	Directory traversal vulnerability in the installer in PEAR 1.0 through 1.5.3 allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the (1) install-as attribute in the file element in package.xml 1.0 or the (2) as attribute in the install element in package.xml 2.0. NOTE: it could be argued that this does not cross privilege boundaries in typical installations, since the code being installed could perform the same actions.
Publication Date	May 23, 2007, 4:30 a.m.
Registration Date	Jan. 29, 2021, 2:12 p.m.
Last Update	July 29, 2017, 10:31 a.m.

CVSS2.0 : MEDIUM
Score	6.8
Vector	AV:N/AC:M/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	はい
User operation required	はい

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:php_group:pear:1.0:::::::*
cpe:2.3:a:php_group:pear:1.0.1:::::::*
cpe:2.3:a:php_group:pear:1.1:::::::*
cpe:2.3:a:php_group:pear:1.2:::::::*
cpe:2.3:a:php_group:pear:1.2.1:::::::*
cpe:2.3:a:php_group:pear:1.2b1:::::::*
cpe:2.3:a:php_group:pear:1.2b2:::::::*
cpe:2.3:a:php_group:pear:1.2b3:::::::*
cpe:2.3:a:php_group:pear:1.2b4:::::::*
cpe:2.3:a:php_group:pear:1.2b5:::::::*
cpe:2.3:a:php_group:pear:1.3:::::::*
cpe:2.3:a:php_group:pear:1.3.1:::::::*
cpe:2.3:a:php_group:pear:1.3.3:::::::*
cpe:2.3:a:php_group:pear:1.3.3.1:::::::*
cpe:2.3:a:php_group:pear:1.3.4:::::::*
cpe:2.3:a:php_group:pear:1.3.5:::::::*
cpe:2.3:a:php_group:pear:1.3.6:::::::*
cpe:2.3:a:php_group:pear:1.3b1:::::::*
cpe:2.3:a:php_group:pear:1.3b2:::::::*
cpe:2.3:a:php_group:pear:1.3b3:::::::*
cpe:2.3:a:php_group:pear:1.3b5:::::::*
cpe:2.3:a:php_group:pear:1.3b6:::::::*
cpe:2.3:a:php_group:pear:1.4.0:::::::*
cpe:2.3:a:php_group:pear:1.4.0a1:::::::*
cpe:2.3:a:php_group:pear:1.4.0a2:::::::*
cpe:2.3:a:php_group:pear:1.4.0a3:::::::*
cpe:2.3:a:php_group:pear:1.4.0a4:::::::*
cpe:2.3:a:php_group:pear:1.4.0a5:::::::*
cpe:2.3:a:php_group:pear:1.4.0a6:::::::*
cpe:2.3:a:php_group:pear:1.4.0a7:::::::*
cpe:2.3:a:php_group:pear:1.4.0a8:::::::*
cpe:2.3:a:php_group:pear:1.4.0a9:::::::*
cpe:2.3:a:php_group:pear:1.4.0a10:::::::*
cpe:2.3:a:php_group:pear:1.4.0a11:::::::*
cpe:2.3:a:php_group:pear:1.4.0a12:::::::*
cpe:2.3:a:php_group:pear:1.4.0b1:::::::*
cpe:2.3:a:php_group:pear:1.4.0b2:::::::*
cpe:2.3:a:php_group:pear:1.4.0rc1:::::::*
cpe:2.3:a:php_group:pear:1.4.0rc2:::::::*
cpe:2.3:a:php_group:pear:1.4.1:::::::*
cpe:2.3:a:php_group:pear:1.4.2:::::::*
cpe:2.3:a:php_group:pear:1.4.3:::::::*
cpe:2.3:a:php_group:pear:1.4.4:::::::*
cpe:2.3:a:php_group:pear:1.4.5:::::::*
cpe:2.3:a:php_group:pear:1.4.6:::::::*
cpe:2.3:a:php_group:pear:1.4.7:::::::*
cpe:2.3:a:php_group:pear:1.4.8:::::::*
cpe:2.3:a:php_group:pear:1.4.9:::::::*
cpe:2.3:a:php_group:pear:1.4.10:::::::*
cpe:2.3:a:php_group:pear:1.4.10rc1:::::::*
cpe:2.3:a:php_group:pear:1.4.11:::::::*
cpe:2.3:a:php_group:pear:1.5.0:::::::*
cpe:2.3:a:php_group:pear:1.5.0a1:::::::*
cpe:2.3:a:php_group:pear:1.5.0rc1:::::::*
cpe:2.3:a:php_group:pear:1.5.0rc2:::::::*
cpe:2.3:a:php_group:pear:1.5.0rc3:::::::*
cpe:2.3:a:php_group:pear:1.5.1:::::::*
cpe:2.3:a:php_group:pear:1.5.2:::::::*
cpe:2.3:a:php_group:pear:1.5.3:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://osvdb.org/42108	OSVDB
2	http://pear.php.net/advisory-20070507.txt	CONFIRM	Exploit Patch Vendor Advisory
3	http://pear.php.net/news/vulnerability2.php	CONFIRM
4	http://secunia.com/advisories/25372	SECUNIA
5	http://www.mandriva.com/security/advisories?name=MDKSA-2007:110	MANDRIVA
6	http://www.securityfocus.com/bid/24111	BID
7	http://www.ubuntu.com/usn/usn-462-1	UBUNTU
8	http://www.vupen.com/english/advisories/2007/1926	VUPEN
9	https://exchange.xforce.ibmcloud.com/vulnerabilities/34482	XF

Common Vulnerabilities List

JVN Vulnerability Information

PEAR のインストーラにおけるディレクトリトラバーサルの脆弱性

Title	PEAR のインストーラにおけるディレクトリトラバーサルの脆弱性
Summary	PEAR のインストーラには、ディレクトリトラバーサルの脆弱性が存在します。
Possible impacts	攻撃者により、.. (ドットドット) シーケンスを含む (1) package.xml の file 要素内の install-as 属性、または (2) package.xml 内の install 要素の as 属性を介して、任意のファイルを上書きされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	May 7, 2007, midnight
Registration Date	Sept. 25, 2012, 4:47 p.m.
Last Update	Sept. 25, 2012, 4:47 p.m.

Affected System

The PHP Group

PEAR 1.0 から 1.5.3

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2007-2519	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2519
National Vulnerability Database (NVD)
2	CVE-2007-2519	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2519

ベンダー情報

No	Name	URL
SECURITY VULNERABILITY ANNOUNCEMENT
1	PEAR installer arbitrary code execution vulnerability	http://pear.php.net/advisory-20070507.txt
The PHP Group
2	Top Page	http://www.php.net/

Change Log

No	Changed Details	Date of change
0	[2012年09月25日] 掲載	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:php_group:pear:1.0:::::::*
cpe:2.3:a:php_group:pear:1.0.1:::::::*
cpe:2.3:a:php_group:pear:1.1:::::::*
cpe:2.3:a:php_group:pear:1.2:::::::*
cpe:2.3:a:php_group:pear:1.2.1:::::::*
cpe:2.3:a:php_group:pear:1.2b1:::::::*
cpe:2.3:a:php_group:pear:1.2b2:::::::*
cpe:2.3:a:php_group:pear:1.2b3:::::::*
cpe:2.3:a:php_group:pear:1.2b4:::::::*
cpe:2.3:a:php_group:pear:1.2b5:::::::*
cpe:2.3:a:php_group:pear:1.3:::::::*
cpe:2.3:a:php_group:pear:1.3.1:::::::*
cpe:2.3:a:php_group:pear:1.3.3:::::::*
cpe:2.3:a:php_group:pear:1.3.3.1:::::::*
cpe:2.3:a:php_group:pear:1.3.4:::::::*
cpe:2.3:a:php_group:pear:1.3.5:::::::*
cpe:2.3:a:php_group:pear:1.3.6:::::::*
cpe:2.3:a:php_group:pear:1.3b1:::::::*
cpe:2.3:a:php_group:pear:1.3b2:::::::*
cpe:2.3:a:php_group:pear:1.3b3:::::::*
cpe:2.3:a:php_group:pear:1.3b5:::::::*
cpe:2.3:a:php_group:pear:1.3b6:::::::*
cpe:2.3:a:php_group:pear:1.4.0:::::::*
cpe:2.3:a:php_group:pear:1.4.0a1:::::::*
cpe:2.3:a:php_group:pear:1.4.0a2:::::::*
cpe:2.3:a:php_group:pear:1.4.0a3:::::::*
cpe:2.3:a:php_group:pear:1.4.0a4:::::::*
cpe:2.3:a:php_group:pear:1.4.0a5:::::::*
cpe:2.3:a:php_group:pear:1.4.0a6:::::::*
cpe:2.3:a:php_group:pear:1.4.0a7:::::::*
cpe:2.3:a:php_group:pear:1.4.0a8:::::::*
cpe:2.3:a:php_group:pear:1.4.0a9:::::::*
cpe:2.3:a:php_group:pear:1.4.0a10:::::::*
cpe:2.3:a:php_group:pear:1.4.0a11:::::::*
cpe:2.3:a:php_group:pear:1.4.0a12:::::::*
cpe:2.3:a:php_group:pear:1.4.0b1:::::::*
cpe:2.3:a:php_group:pear:1.4.0b2:::::::*
cpe:2.3:a:php_group:pear:1.4.0rc1:::::::*
cpe:2.3:a:php_group:pear:1.4.0rc2:::::::*
cpe:2.3:a:php_group:pear:1.4.1:::::::*
cpe:2.3:a:php_group:pear:1.4.2:::::::*
cpe:2.3:a:php_group:pear:1.4.3:::::::*
cpe:2.3:a:php_group:pear:1.4.4:::::::*
cpe:2.3:a:php_group:pear:1.4.5:::::::*
cpe:2.3:a:php_group:pear:1.4.6:::::::*
cpe:2.3:a:php_group:pear:1.4.7:::::::*
cpe:2.3:a:php_group:pear:1.4.8:::::::*
cpe:2.3:a:php_group:pear:1.4.9:::::::*
cpe:2.3:a:php_group:pear:1.4.10:::::::*
cpe:2.3:a:php_group:pear:1.4.10rc1:::::::*
cpe:2.3:a:php_group:pear:1.4.11:::::::*
cpe:2.3:a:php_group:pear:1.5.0:::::::*
cpe:2.3:a:php_group:pear:1.5.0a1:::::::*
cpe:2.3:a:php_group:pear:1.5.0rc1:::::::*
cpe:2.3:a:php_group:pear:1.5.0rc2:::::::*
cpe:2.3:a:php_group:pear:1.5.0rc3:::::::*
cpe:2.3:a:php_group:pear:1.5.1:::::::*
cpe:2.3:a:php_group:pear:1.5.2:::::::*
cpe:2.3:a:php_group:pear:1.5.3:::::::*