Vulnerability & Exploit Database

Displaying all 3 entries

Results for: CVE-2018-1000888 Back to search

Ubuntu: USN-3857-1 (CVE-2018-1000888): PEAR vulnerability Vulnerability

  • Severity: 7
  • Published: December 28, 2018

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is called without a specific prefix path, we can trigger unserialization by crafting a tar fil...

Debian: CVE-2018-1000888: php-pear, php5 -- security update Vulnerability

  • Severity: 7
  • Published: December 28, 2018

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is called without a specific prefix path, we can trigger unserialization by crafting a tar fil...

Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5 Vulnerability

  • Severity: 1
  • Published: March 15, 2007

This is a placeholder for all CVEs that are not relevant for one reason or another on Red Hat Enterprise Linux 5. Oftentimes Red Hat makes this determination because the affected software was shipped, built or configured in a manner that it made it invulnerable to a given vulnerability.