CVE-2015-4025

Published: Jun 9, 2015Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.

Affected (61)

Products: Apple: Mac Os X · Php: Php · Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Hpc Node Eus, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation, Enterprise Linux

1 product

1 product

7 products

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Enterprise Linux Hpc Node Eus

Enterprise Linux Server

Enterprise Linux Server Eus

Enterprise Linux Workstation

Enterprise Linux

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Up to 10.10.4

Configuration B

52 vulnerable

Vulnerable Software	Affected Versions
Php Php	Up to 5.4.40
Php Php	Version 5.4.39
Php Php	Version 5.5.0
Php Php	Version 5.5.0 alpha1
Php Php	Version 5.5.0 alpha2
Php Php	Version 5.5.0 alpha3
Php Php	Version 5.5.0 alpha4
Php Php	Version 5.5.0 alpha5
Php Php	Version 5.5.0 alpha6
Php Php	Version 5.5.0 beta1
Php Php	Version 5.5.0 beta2
Php Php	Version 5.5.0 beta3
Php Php	Version 5.5.0 beta4
Php Php	Version 5.5.0 rc1
Php Php	Version 5.5.0 rc2
Php Php	Version 5.5.10
Php Php	Version 5.5.11
Php Php	Version 5.5.12
Php Php	Version 5.5.13
Php Php	Version 5.5.14
Php Php	Version 5.5.18
Php Php	Version 5.5.19
Php Php	Version 5.5.1
Php Php	Version 5.5.20
Php Php	Version 5.5.21
Php Php	Version 5.5.22
Php Php	Version 5.5.23
Php Php	Version 5.5.24
Php Php	Version 5.5.2
Php Php	Version 5.5.3
Php Php	Version 5.5.4
Php Php	Version 5.5.5
Php Php	Version 5.5.6
Php Php	Version 5.5.7
Php Php	Version 5.5.8
Php Php	Version 5.5.9
Php Php	Version 5.6.0 alpha1
Php Php	Version 5.6.0 alpha2
Php Php	Version 5.6.0 alpha3
Php Php	Version 5.6.0 alpha4
Php Php	Version 5.6.0 alpha5
Php Php	Version 5.6.0 beta1
Php Php	Version 5.6.0 beta2
Php Php	Version 5.6.0 beta3
Php Php	Version 5.6.0 beta4
Php Php	Version 5.6.2
Php Php	Version 5.6.3
Php Php	Version 5.6.4
Php Php	Version 5.6.5
Php Php	Version 5.6.6
Php Php	Version 5.6.7
Php Php	Version 5.6.8

Configuration C

6 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Hpc Node	Version 7.0
Redhat Enterprise Linux Hpc Node Eus	Version 7.1
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Eus	Version 7.1
Redhat Enterprise Linux Workstation	Version 7.0