CVE-2014-9767

Advisory lineage Upstream: 0 Downstream: 7
Modified
Published: 22 May 2016, 01:00
Last modified:06 Aug 2024, 13:55

Vulnerability Summary

Overall Risk (default)
medium
27/100
CVSS Score
4.3 MEDIUM
v3.0 (nvd)
EPSS Score
0.49% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
2 found
Dark Web
Not detected

Timeline

22 May 2016, 01:00
Published
Vulnerability first disclosed
06 Aug 2024, 13:55
Last Modified
Vulnerability information updated

Description

Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.

CVSS Metrics

  • v3.0MEDIUMScore: 4.3CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
  • v2.0MEDIUMScore: 4.3AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 0.49% Percentile: 66%

Techniques & Countermeasures

  • CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

    The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Affected Systems

  • hiphop_virtual_machine_for_php_projecthiphop_virtual_machine_for_php

    ≤ 3.12

  • UnknownPHP

    ≤ 5.4.45 | 5.5.0 | 5.5.1 | 5.5.2 | 5.5.3 | 5.5.4 | 5.5.5 | 5.5.6 | 5.5.7 | 5.5.8 | 5.5.9 | 5.5.10 | 5.5.11 | 5.5.12 | 5.5.13 | 5.5.14 | 5.5.18 | 5.5.19 | 5.5.20 | 5.5.21 | 5.5.22 | 5.5.23 | 5.5.24 | 5.5.25 | 5.5.26 | 5.5.27 | 5.5.28 | 5.6.0 | 5.6.1 | 5.6.2 | 5.6.3 | 5.6.4 | 5.6.5 | 5.6.6 | 5.6.7 | 5.6.8 | 5.6.9 | 5.6.10 | 5.6.11 | 5.6.12

References (14)