CVE-2008-5658

Publication date 17 December 2008

Last updated 24 July 2024


Ubuntu priority

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.

Read the notes from the security team

Status

Package Ubuntu Release Status
php5 8.10 intrepid
Fixed 5.2.6-2ubuntu4.1
8.04 LTS hardy
Fixed 5.2.4-2ubuntu5.5
7.10 gutsy
Fixed 5.2.3-1ubuntu6.5
6.06 LTS dapper
Not affected

Notes


mdeslaur

zip is only in php > 5.2.x apart from these patches, libzip was updated to 0.9.0 not sure if it's necessary to fix the issue... seems the issue is not resolved: http://bugs.php.net/bug.php?id=47188 more info: http://news.php.net/php.internals/42758 http://news.php.net/php.internals/42760 http://news.php.net/php.internals/42762 http://news.php.net/php.internals/42796 (proposed patch) http://news.php.net/php.internals/42797 (proposed smaller patch)

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
php5