Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:24:01
Updated: 2022-10-03T16:24:01
Reserved: 2022-10-03T00:00:00
Link: CVE-2009-5054
JSON object: View
NVD Information
Status : Analyzed
Published: 2011-02-03T17:00:01.837
Modified: 2011-02-15T05:00:00.000
Link: CVE-2009-5054
JSON object: View
Redhat Information
No data.
CWE