OVAL Reference oval:org.opensuse.security:def:20111072

Oval Definition:

oval:org.opensuse.security:def:20111072

Revision Date:	2022-05-20	Version:	1
Title:	CVE-2011-1072
Description:	The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2011-1072 Mitre CVE-2011-1072 SUSE CVE-2011-1072 SUSE-SU-2012:0496-1 SUSE-SU-2012:0496-1 SUSE-SU-2013:1351-1 SUSE-SU-2013:1351-1
Platform(s):	SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit SUSE Linux Enterprise Server 10 SP3 LTSS for x86 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Teradata 10 SP3 for AMD64 and Intel EM64T	Product(s):
Definition Synopsis
sles10-sp3-ltss is installed AND Package Information apache2-mod_php5 less than 5.2.14-0.42.1 OR php5-bcmath less than 5.2.14-0.42.1 OR php5-bz2 less than 5.2.14-0.42.1 OR php5-calendar less than 5.2.14-0.42.1 OR php5-ctype less than 5.2.14-0.42.1 OR php5-curl less than 5.2.14-0.42.1 OR php5-dba less than 5.2.14-0.42.1 OR php5-dbase less than 5.2.14-0.42.1 OR php5-devel less than 5.2.14-0.42.1 OR php5-dom less than 5.2.14-0.42.1 OR php5-exif less than 5.2.14-0.42.1 OR php5-fastcgi less than 5.2.14-0.42.1 OR php5-ftp less than 5.2.14-0.42.1 OR php5-gd less than 5.2.14-0.42.1 OR php5-gettext less than 5.2.14-0.42.1 OR php5-gmp less than 5.2.14-0.42.1 OR php5-hash less than 5.2.14-0.42.1 OR php5-iconv less than 5.2.14-0.42.1 OR php5-imap less than 5.2.14-0.42.1 OR php5-json less than 5.2.14-0.42.1 OR php5-ldap less than 5.2.14-0.42.1 OR php5-mbstring less than 5.2.14-0.42.1 OR php5-mcrypt less than 5.2.14-0.42.1 OR php5-mhash less than 5.2.14-0.42.1 OR php5-mysql less than 5.2.14-0.42.1 OR php5-ncurses less than 5.2.14-0.42.1 OR php5-odbc less than 5.2.14-0.42.1 OR php5-openssl less than 5.2.14-0.42.1 OR php5-pcntl less than 5.2.14-0.42.1 OR php5-pdo less than 5.2.14-0.42.1 OR php5-pear less than 5.2.14-0.42.1 OR php5-pgsql less than 5.2.14-0.42.1 OR php5-posix less than 5.2.14-0.42.1 OR php5-pspell less than 5.2.14-0.42.1 OR php5-shmop less than 5.2.14-0.42.1 OR php5-snmp less than 5.2.14-0.42.1 OR php5-soap less than 5.2.14-0.42.1 OR php5-sockets less than 5.2.14-0.42.1 OR php5-sqlite less than 5.2.14-0.42.1 OR php5-suhosin less than 5.2.14-0.42.1 OR php5-sysvmsg less than 5.2.14-0.42.1 OR php5-sysvsem less than 5.2.14-0.42.1 OR php5-sysvshm less than 5.2.14-0.42.1 OR php5-tokenizer less than 5.2.14-0.42.1 OR php5-wddx less than 5.2.14-0.42.1 OR php5-xmlreader less than 5.2.14-0.42.1 OR php5-xmlrpc less than 5.2.14-0.42.1 OR php5-xsl less than 5.2.14-0.42.1 OR php5-zlib less than 5.2.14-0.42.1
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1 is installed OR SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information apache2-mod_php5-5.2.14-0.7.30.34 is installed OR php5-5.2.14-0.7.30.34 is installed OR php5-bcmath-5.2.14-0.7.30.34 is installed OR php5-bz2-5.2.14-0.7.30.34 is installed OR php5-calendar-5.2.14-0.7.30.34 is installed OR php5-ctype-5.2.14-0.7.30.34 is installed OR php5-curl-5.2.14-0.7.30.34 is installed OR php5-dba-5.2.14-0.7.30.34 is installed OR php5-dbase-5.2.14-0.7.30.34 is installed OR php5-dom-5.2.14-0.7.30.34 is installed OR php5-exif-5.2.14-0.7.30.34 is installed OR php5-fastcgi-5.2.14-0.7.30.34 is installed OR php5-ftp-5.2.14-0.7.30.34 is installed OR php5-gd-5.2.14-0.7.30.34 is installed OR php5-gettext-5.2.14-0.7.30.34 is installed OR php5-gmp-5.2.14-0.7.30.34 is installed OR php5-hash-5.2.14-0.7.30.34 is installed OR php5-iconv-5.2.14-0.7.30.34 is installed OR php5-json-5.2.14-0.7.30.34 is installed OR php5-ldap-5.2.14-0.7.30.34 is installed OR php5-mbstring-5.2.14-0.7.30.34 is installed OR php5-mcrypt-5.2.14-0.7.30.34 is installed OR php5-mysql-5.2.14-0.7.30.34 is installed OR php5-odbc-5.2.14-0.7.30.34 is installed OR php5-openssl-5.2.14-0.7.30.34 is installed OR php5-pcntl-5.2.14-0.7.30.34 is installed OR php5-pdo-5.2.14-0.7.30.34 is installed OR php5-pear-5.2.14-0.7.30.34 is installed OR php5-pgsql-5.2.14-0.7.30.34 is installed OR php5-pspell-5.2.14-0.7.30.34 is installed OR php5-shmop-5.2.14-0.7.30.34 is installed OR php5-snmp-5.2.14-0.7.30.34 is installed OR php5-soap-5.2.14-0.7.30.34 is installed OR php5-suhosin-5.2.14-0.7.30.34 is installed OR php5-sysvmsg-5.2.14-0.7.30.34 is installed OR php5-sysvsem-5.2.14-0.7.30.34 is installed OR php5-sysvshm-5.2.14-0.7.30.34 is installed OR php5-tokenizer-5.2.14-0.7.30.34 is installed OR php5-wddx-5.2.14-0.7.30.34 is installed OR php5-xmlreader-5.2.14-0.7.30.34 is installed OR php5-xmlrpc-5.2.14-0.7.30.34 is installed OR php5-xmlwriter-5.2.14-0.7.30.34 is installed OR php5-xsl-5.2.14-0.7.30.34 is installed OR php5-zip-5.2.14-0.7.30.34 is installed OR php5-zlib-5.2.14-0.7.30.34 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1 is installed OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed AND Package Information apache2-mod_php5-5.2.14-0.7.30.34 is installed OR php5-5.2.14-0.7.30.34 is installed OR php5-bcmath-5.2.14-0.7.30.34 is installed OR php5-bz2-5.2.14-0.7.30.34 is installed OR php5-calendar-5.2.14-0.7.30.34 is installed OR php5-ctype-5.2.14-0.7.30.34 is installed OR php5-curl-5.2.14-0.7.30.34 is installed OR php5-dba-5.2.14-0.7.30.34 is installed OR php5-dbase-5.2.14-0.7.30.34 is installed OR php5-dom-5.2.14-0.7.30.34 is installed OR php5-exif-5.2.14-0.7.30.34 is installed OR php5-fastcgi-5.2.14-0.7.30.34 is installed OR php5-ftp-5.2.14-0.7.30.34 is installed OR php5-gd-5.2.14-0.7.30.34 is installed OR php5-gettext-5.2.14-0.7.30.34 is installed OR php5-gmp-5.2.14-0.7.30.34 is installed OR php5-hash-5.2.14-0.7.30.34 is installed OR php5-iconv-5.2.14-0.7.30.34 is installed OR php5-json-5.2.14-0.7.30.34 is installed OR php5-ldap-5.2.14-0.7.30.34 is installed OR php5-mbstring-5.2.14-0.7.30.34 is installed OR php5-mcrypt-5.2.14-0.7.30.34 is installed OR php5-mysql-5.2.14-0.7.30.34 is installed OR php5-odbc-5.2.14-0.7.30.34 is installed OR php5-openssl-5.2.14-0.7.30.34 is installed OR php5-pcntl-5.2.14-0.7.30.34 is installed OR php5-pdo-5.2.14-0.7.30.34 is installed OR php5-pear-5.2.14-0.7.30.34 is installed OR php5-pgsql-5.2.14-0.7.30.34 is installed OR php5-pspell-5.2.14-0.7.30.34 is installed OR php5-shmop-5.2.14-0.7.30.34 is installed OR php5-snmp-5.2.14-0.7.30.34 is installed OR php5-soap-5.2.14-0.7.30.34 is installed OR php5-suhosin-5.2.14-0.7.30.34 is installed OR php5-sysvmsg-5.2.14-0.7.30.34 is installed OR php5-sysvsem-5.2.14-0.7.30.34 is installed OR php5-sysvshm-5.2.14-0.7.30.34 is installed OR php5-tokenizer-5.2.14-0.7.30.34 is installed OR php5-wddx-5.2.14-0.7.30.34 is installed OR php5-xmlreader-5.2.14-0.7.30.34 is installed OR php5-xmlrpc-5.2.14-0.7.30.34 is installed OR php5-xmlwriter-5.2.14-0.7.30.34 is installed OR php5-xsl-5.2.14-0.7.30.34 is installed OR php5-zip-5.2.14-0.7.30.34 is installed OR php5-zlib-5.2.14-0.7.30.34 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1 is installed OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information apache2-mod_php5-5.2.14-0.7.30.34.1 is installed OR php5-5.2.14-0.7.30.34.1 is installed OR php5-bcmath-5.2.14-0.7.30.34.1 is installed OR php5-bz2-5.2.14-0.7.30.34.1 is installed OR php5-calendar-5.2.14-0.7.30.34.1 is installed OR php5-ctype-5.2.14-0.7.30.34.1 is installed OR php5-curl-5.2.14-0.7.30.34.1 is installed OR php5-dba-5.2.14-0.7.30.34.1 is installed OR php5-dbase-5.2.14-0.7.30.34.1 is installed OR php5-dom-5.2.14-0.7.30.34.1 is installed OR php5-exif-5.2.14-0.7.30.34.1 is installed OR php5-fastcgi-5.2.14-0.7.30.34.1 is installed OR php5-ftp-5.2.14-0.7.30.34.1 is installed OR php5-gd-5.2.14-0.7.30.34.1 is installed OR php5-gettext-5.2.14-0.7.30.34.1 is installed OR php5-gmp-5.2.14-0.7.30.34.1 is installed OR php5-hash-5.2.14-0.7.30.34.1 is installed OR php5-iconv-5.2.14-0.7.30.34.1 is installed OR php5-json-5.2.14-0.7.30.34.1 is installed OR php5-ldap-5.2.14-0.7.30.34.1 is installed OR php5-mbstring-5.2.14-0.7.30.34.1 is installed OR php5-mcrypt-5.2.14-0.7.30.34.1 is installed OR php5-mysql-5.2.14-0.7.30.34.1 is installed OR php5-odbc-5.2.14-0.7.30.34.1 is installed OR php5-openssl-5.2.14-0.7.30.34.1 is installed OR php5-pcntl-5.2.14-0.7.30.34.1 is installed OR php5-pdo-5.2.14-0.7.30.34.1 is installed OR php5-pear-5.2.14-0.7.30.34.1 is installed OR php5-pgsql-5.2.14-0.7.30.34.1 is installed OR php5-pspell-5.2.14-0.7.30.34.1 is installed OR php5-shmop-5.2.14-0.7.30.34.1 is installed OR php5-snmp-5.2.14-0.7.30.34.1 is installed OR php5-soap-5.2.14-0.7.30.34.1 is installed OR php5-suhosin-5.2.14-0.7.30.34.1 is installed OR php5-sysvmsg-5.2.14-0.7.30.34.1 is installed OR php5-sysvsem-5.2.14-0.7.30.34.1 is installed OR php5-sysvshm-5.2.14-0.7.30.34.1 is installed OR php5-tokenizer-5.2.14-0.7.30.34.1 is installed OR php5-wddx-5.2.14-0.7.30.34.1 is installed OR php5-xmlreader-5.2.14-0.7.30.34.1 is installed OR php5-xmlrpc-5.2.14-0.7.30.34.1 is installed OR php5-xmlwriter-5.2.14-0.7.30.34.1 is installed OR php5-xsl-5.2.14-0.7.30.34.1 is installed OR php5-zip-5.2.14-0.7.30.34.1 is installed OR php5-zlib-5.2.14-0.7.30.34.1 is installed

BACK