CVE-2014-0185
Published at:
-
06-05-2014 12:44
Last modified:
-
16-08-2022 03:32
Total changes:
-
2
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Local
Attack vector
High
Availability
High
Confidentiality
High
Integrity
-
Privileges required
-
Scope
-
User interaction
7.2
Base score
3.9
10.0
Exploitability score
Impact score
Verification logic
Reference
- [oss-security] 20140429 Fwd: [vs] php-fpm: privilege escalation due to insecure default config (CVE-2014-0185)-Mailing List, Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1092815
- http://www.php.net/ChangeLog-5.php
- https://hoffmann-christian.info/files/php-fpm/0001-Fix-bug-67060-use-default-mode-of-660.patch
- http://www.php.net/archive/2014.php#id2014-05-01-1
- https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1307027
- https://github.com/php/php-src/commit/35ceea928b12373a3b1e3eecdc32ed323223a40d
- https://bugs.php.net/bug.php?id=67060
- http://support.apple.com/kb/HT6443
- openSUSE-SU-2015:1685-Mailing List, Third Party Advisory
- 59329-Third Party Advisory
- 59061-Third Party Advisory
Keywords