CVE-2014-5459 vulnerability in PHP and Other Products
Published on September 27, 2014

The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.

Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2014-5459

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2014-5459 are published in these products:

PHP

OpenSuse Evergreen

OpenSuse

Oracle Solaris

Exploit Probability

EPSS

0.08%

Percentile

22.93%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-5459 vulnerability in PHP and Other ProductsPublished on September 27, 2014

Products Associated with CVE-2014-5459

Exploit Probability

CVE-2014-5459 vulnerability in PHP and Other Products
Published on September 27, 2014