{
  "threat_severity" : "Moderate",
  "public_date" : "2014-07-31T00:00:00Z",
  "bugzilla" : {
    "description" : "php: gd extension NUL byte injection in file names",
    "id" : "1132793",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1132793"
  },
  "cvss" : {
    "cvss_base_score" : "4.3",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-626",
  "details" : [ "gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.", "It was found that PHP's gd extension did not properly handle file names with a null character. A remote attacker could possibly use this flaw to make a PHP application access unexpected files and bypass intended file system access restrictions." ],
  "statement" : "This issue does not affect the current php and php53 packages in Red Hat Enterprise Linux 5 and 6, as it was previously corrected as part of the fix for CVE-2006-7243.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2014-09-30T00:00:00Z",
    "advisory" : "RHSA-2014:1327",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "php-0:5.4.16-23.el7_0.1"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1765",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6",
    "package" : "php54-php-0:5.4.16-22.el6"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1766",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6",
    "package" : "php55-php-0:5.5.6-13.el6"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1765",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6",
    "package" : "php54-php-0:5.4.16-22.el6"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1766",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6",
    "package" : "php55-php-0:5.5.6-13.el6"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1765",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6",
    "package" : "php54-php-0:5.4.16-22.el6"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1766",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6",
    "package" : "php55-php-0:5.5.6-13.el6"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1765",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6",
    "package" : "php54-php-0:5.4.16-22.el6"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1766",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6",
    "package" : "php55-php-0:5.5.6-13.el6"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 7",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1765",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el7",
    "package" : "php54-php-0:5.4.16-22.el7"
  }, {
    "product_name" : "Red Hat Software Collections 1 for Red Hat Enterprise Linux 7",
    "release_date" : "2014-10-30T00:00:00Z",
    "advisory" : "RHSA-2014:1766",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el7",
    "package" : "php55-php-0:5.5.6-13.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "php",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "php53",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "php",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-5120\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-5120" ],
  "name" : "CVE-2014-5120",
  "csaw" : false
}