Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2016-06-07T14:00:00
Updated: 2016-11-25T20:57:01
Reserved: 2015-08-03T00:00:00
Link: CVE-2015-5723
JSON object: View
NVD Information
Status : Modified
Published: 2016-06-07T14:06:08.697
Modified: 2023-11-07T02:26:18.370
Link: CVE-2015-5723
JSON object: View
Redhat Information
No data.
CWE