Wind River Support Network

HomeDefectsLIN7-6327

Fixed

LIN7-6327 : Security Advisory - php - CVE-2014-9767

Created: May 31, 2016 Updated: Sep 8, 2018

Resolved Date: Jun 24, 2016

Found In Version: 7.0.0.15

Fix Version: 7.0.0.17

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9767

Other Downloads

Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2014-9767