Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'PEAR'
2011-03-02
CVE-2011-1144
CWE-59
The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1072.
CVE-2011-1072
CWE-59
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
2006-01-09
CVE-2006-0144
CWE-94
The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.
2005-12-10
CVE-2005-4154
Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.
>>>
Vendor:
PHP
25
Products
PHP
Php fi
Phorum
Phpsquidpass
PEAR
Blog cms
Pear archive tar
Comoblog
Php script index
Directory listing script
Animated smiley generator
Errordocs
Ar memberscript
BLOQ
Com extensions
Mysql extension
Mysql banner exchange
F1 maxs file uploader
Xhprof
Php perl hot links
Pecl http
Imagick
Ext-http
Archive tar
Pearweb
Copyright
2024
, cxsecurity.com
Back to Top