Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2016-06-07T14:00:00
Updated: 2024-08-06T06:59:04.234Z
Reserved: 2015-08-03T00:00:00
Link: CVE-2015-5723
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-06-07T14:06:08.697
Modified: 2024-11-21T02:33:42.940
Link: CVE-2015-5723
Redhat
No data.