#VU110283 Permissions, Privileges, and Access Controls in PHP - CVE-2010-3436


| Updated: 2025-06-08

Vulnerability identifier: #VU110283

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2010-3436

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PHP
Universal components / Libraries / Scripting languages

Vendor: PHP Group

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename.

Mitigation
Install update from vendor's website.

Vulnerable software versions

PHP: 5.2.0, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9, 5.2.10, 5.2.11, 5.2.12, 5.2.13, 5.2.14

External links
https://www.mandriva.com/security/advisories?name=MDVSA-2010:218
https://svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.c?r1=303824&r2=303823&pathrev=303824
https://svn.php.net/viewvc?view=revision&revision=303824
https://security-tracker.debian.org/tracker/CVE-2010-3436
https://www.securityfocus.com/bid/44723
https://secunia.com/advisories/42729
https://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619
https://www.vupen.com/english/advisories/2010/3313
https://www.php.net/ChangeLog-5.php
https://www.php.net/releases/5_3_4.php
https://www.vupen.com/english/advisories/2011/0077
https://www.php.net/archive/2010.php#id2010-12-10-1
https://secunia.com/advisories/42812
https://www.php.net/releases/5_2_15.php
https://www.ubuntu.com/usn/USN-1042-1
https://support.apple.com/kb/HT4581
https://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
https://support.apple.com/kb/HT5002
https://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in PHP
Gentoo update for PHP
Slackware Linux update for php