CVE-2015-4026

Publication date 9 June 2015

Last updated 24 July 2024

The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
php5	15.04 vivid	Fixed 5.6.4+dfsg-4ubuntu6.2
	14.10 utopic	Fixed 5.5.12+dfsg-2ubuntu4.6
	14.04 LTS trusty	Fixed 5.5.9+dfsg-1ubuntu4.11
	12.04 LTS precise	Fixed 5.3.10-1ubuntu3.19

How can I get the fixes?
What do statuses mean?

Notes

mdeslaur

fixed by same commit as CVE-2015-4025

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2658-1
PHP vulnerabilities
6 July 2015

Other references

https://www.cve.org/CVERecord?id=CVE-2015-4026