CVE-2014-5120: Improper Input Validation in Apple OS X Yosemite v10.10.3 and Security Update 2015-004

Severity
6.4 MEDIUM (NVD)
EPSS
8.3%
top 7.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Aug 23
Latest update: May 17

Description

gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.

CVSS vector

AV:N/AC:L/C:N/I:P/A:P
Exploitability: 10.0 | Impact: 4.9

Affected Packages: 3 packages

🔴 Vulnerability Details (1)

GHSA
GHSA-3wv8-w3p3-hq59: gd_ctx (2022-05-17)

📋 Vendor Advisories (3)

Red Hat
php: gd extension NUL byte injection in file names (2014-07-31)
Debian
CVE-2014-5120: libgd2 - gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 ... (2014)
Apple
CVE-2014-5120: OS X Yosemite v10.10.3 and Security Update 2015-004

💬 Community (4)

Bugzilla
CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+ (2015-05-20)
Bugzilla
CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name (2015-03-31)
Bugzilla
CVE-2014-5120 php: gd extension NUL byte injection in file names (2014-08-22)
Bugzilla
CVE-2014-5120 php: gd: NUL byte injection in filenames passed to image handling functions [fedora-all] (2014-08-22)