Oval Definition:oval:org.opensuse.security:def:20111072
Revision Date:2022-05-20Version:1
Title:CVE-2011-1072
Description:

The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2011-1072
Mitre CVE-2011-1072
SUSE CVE-2011-1072
SUSE-SU-2012:0496-1
SUSE-SU-2012:0496-1
SUSE-SU-2013:1351-1
SUSE-SU-2013:1351-1
Platform(s):SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for Teradata
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Teradata 10 SP3 for AMD64 and Intel EM64T
Product(s):
Definition Synopsis
  • sles10-sp3-ltss is installed
  • AND Package Information
  • apache2-mod_php5 less than 5.2.14-0.42.1
  • OR php5-bcmath less than 5.2.14-0.42.1
  • OR php5-bz2 less than 5.2.14-0.42.1
  • OR php5-calendar less than 5.2.14-0.42.1
  • OR php5-ctype less than 5.2.14-0.42.1
  • OR php5-curl less than 5.2.14-0.42.1
  • OR php5-dba less than 5.2.14-0.42.1
  • OR php5-dbase less than 5.2.14-0.42.1
  • OR php5-devel less than 5.2.14-0.42.1
  • OR php5-dom less than 5.2.14-0.42.1
  • OR php5-exif less than 5.2.14-0.42.1
  • OR php5-fastcgi less than 5.2.14-0.42.1
  • OR php5-ftp less than 5.2.14-0.42.1
  • OR php5-gd less than 5.2.14-0.42.1
  • OR php5-gettext less than 5.2.14-0.42.1
  • OR php5-gmp less than 5.2.14-0.42.1
  • OR php5-hash less than 5.2.14-0.42.1
  • OR php5-iconv less than 5.2.14-0.42.1
  • OR php5-imap less than 5.2.14-0.42.1
  • OR php5-json less than 5.2.14-0.42.1
  • OR php5-ldap less than 5.2.14-0.42.1
  • OR php5-mbstring less than 5.2.14-0.42.1
  • OR php5-mcrypt less than 5.2.14-0.42.1
  • OR php5-mhash less than 5.2.14-0.42.1
  • OR php5-mysql less than 5.2.14-0.42.1
  • OR php5-ncurses less than 5.2.14-0.42.1
  • OR php5-odbc less than 5.2.14-0.42.1
  • OR php5-openssl less than 5.2.14-0.42.1
  • OR php5-pcntl less than 5.2.14-0.42.1
  • OR php5-pdo less than 5.2.14-0.42.1
  • OR php5-pear less than 5.2.14-0.42.1
  • OR php5-pgsql less than 5.2.14-0.42.1
  • OR php5-posix less than 5.2.14-0.42.1
  • OR php5-pspell less than 5.2.14-0.42.1
  • OR php5-shmop less than 5.2.14-0.42.1
  • OR php5-snmp less than 5.2.14-0.42.1
  • OR php5-soap less than 5.2.14-0.42.1
  • OR php5-sockets less than 5.2.14-0.42.1
  • OR php5-sqlite less than 5.2.14-0.42.1
  • OR php5-suhosin less than 5.2.14-0.42.1
  • OR php5-sysvmsg less than 5.2.14-0.42.1
  • OR php5-sysvsem less than 5.2.14-0.42.1
  • OR php5-sysvshm less than 5.2.14-0.42.1
  • OR php5-tokenizer less than 5.2.14-0.42.1
  • OR php5-wddx less than 5.2.14-0.42.1
  • OR php5-xmlreader less than 5.2.14-0.42.1
  • OR php5-xmlrpc less than 5.2.14-0.42.1
  • OR php5-xsl less than 5.2.14-0.42.1
  • OR php5-zlib less than 5.2.14-0.42.1
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • apache2-mod_php5-5.2.14-0.7.30.34 is installed
  • OR php5-5.2.14-0.7.30.34 is installed
  • OR php5-bcmath-5.2.14-0.7.30.34 is installed
  • OR php5-bz2-5.2.14-0.7.30.34 is installed
  • OR php5-calendar-5.2.14-0.7.30.34 is installed
  • OR php5-ctype-5.2.14-0.7.30.34 is installed
  • OR php5-curl-5.2.14-0.7.30.34 is installed
  • OR php5-dba-5.2.14-0.7.30.34 is installed
  • OR php5-dbase-5.2.14-0.7.30.34 is installed
  • OR php5-dom-5.2.14-0.7.30.34 is installed
  • OR php5-exif-5.2.14-0.7.30.34 is installed
  • OR php5-fastcgi-5.2.14-0.7.30.34 is installed
  • OR php5-ftp-5.2.14-0.7.30.34 is installed
  • OR php5-gd-5.2.14-0.7.30.34 is installed
  • OR php5-gettext-5.2.14-0.7.30.34 is installed
  • OR php5-gmp-5.2.14-0.7.30.34 is installed
  • OR php5-hash-5.2.14-0.7.30.34 is installed
  • OR php5-iconv-5.2.14-0.7.30.34 is installed
  • OR php5-json-5.2.14-0.7.30.34 is installed
  • OR php5-ldap-5.2.14-0.7.30.34 is installed
  • OR php5-mbstring-5.2.14-0.7.30.34 is installed
  • OR php5-mcrypt-5.2.14-0.7.30.34 is installed
  • OR php5-mysql-5.2.14-0.7.30.34 is installed
  • OR php5-odbc-5.2.14-0.7.30.34 is installed
  • OR php5-openssl-5.2.14-0.7.30.34 is installed
  • OR php5-pcntl-5.2.14-0.7.30.34 is installed
  • OR php5-pdo-5.2.14-0.7.30.34 is installed
  • OR php5-pear-5.2.14-0.7.30.34 is installed
  • OR php5-pgsql-5.2.14-0.7.30.34 is installed
  • OR php5-pspell-5.2.14-0.7.30.34 is installed
  • OR php5-shmop-5.2.14-0.7.30.34 is installed
  • OR php5-snmp-5.2.14-0.7.30.34 is installed
  • OR php5-soap-5.2.14-0.7.30.34 is installed
  • OR php5-suhosin-5.2.14-0.7.30.34 is installed
  • OR php5-sysvmsg-5.2.14-0.7.30.34 is installed
  • OR php5-sysvsem-5.2.14-0.7.30.34 is installed
  • OR php5-sysvshm-5.2.14-0.7.30.34 is installed
  • OR php5-tokenizer-5.2.14-0.7.30.34 is installed
  • OR php5-wddx-5.2.14-0.7.30.34 is installed
  • OR php5-xmlreader-5.2.14-0.7.30.34 is installed
  • OR php5-xmlrpc-5.2.14-0.7.30.34 is installed
  • OR php5-xmlwriter-5.2.14-0.7.30.34 is installed
  • OR php5-xsl-5.2.14-0.7.30.34 is installed
  • OR php5-zip-5.2.14-0.7.30.34 is installed
  • OR php5-zlib-5.2.14-0.7.30.34 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND Package Information
  • apache2-mod_php5-5.2.14-0.7.30.34 is installed
  • OR php5-5.2.14-0.7.30.34 is installed
  • OR php5-bcmath-5.2.14-0.7.30.34 is installed
  • OR php5-bz2-5.2.14-0.7.30.34 is installed
  • OR php5-calendar-5.2.14-0.7.30.34 is installed
  • OR php5-ctype-5.2.14-0.7.30.34 is installed
  • OR php5-curl-5.2.14-0.7.30.34 is installed
  • OR php5-dba-5.2.14-0.7.30.34 is installed
  • OR php5-dbase-5.2.14-0.7.30.34 is installed
  • OR php5-dom-5.2.14-0.7.30.34 is installed
  • OR php5-exif-5.2.14-0.7.30.34 is installed
  • OR php5-fastcgi-5.2.14-0.7.30.34 is installed
  • OR php5-ftp-5.2.14-0.7.30.34 is installed
  • OR php5-gd-5.2.14-0.7.30.34 is installed
  • OR php5-gettext-5.2.14-0.7.30.34 is installed
  • OR php5-gmp-5.2.14-0.7.30.34 is installed
  • OR php5-hash-5.2.14-0.7.30.34 is installed
  • OR php5-iconv-5.2.14-0.7.30.34 is installed
  • OR php5-json-5.2.14-0.7.30.34 is installed
  • OR php5-ldap-5.2.14-0.7.30.34 is installed
  • OR php5-mbstring-5.2.14-0.7.30.34 is installed
  • OR php5-mcrypt-5.2.14-0.7.30.34 is installed
  • OR php5-mysql-5.2.14-0.7.30.34 is installed
  • OR php5-odbc-5.2.14-0.7.30.34 is installed
  • OR php5-openssl-5.2.14-0.7.30.34 is installed
  • OR php5-pcntl-5.2.14-0.7.30.34 is installed
  • OR php5-pdo-5.2.14-0.7.30.34 is installed
  • OR php5-pear-5.2.14-0.7.30.34 is installed
  • OR php5-pgsql-5.2.14-0.7.30.34 is installed
  • OR php5-pspell-5.2.14-0.7.30.34 is installed
  • OR php5-shmop-5.2.14-0.7.30.34 is installed
  • OR php5-snmp-5.2.14-0.7.30.34 is installed
  • OR php5-soap-5.2.14-0.7.30.34 is installed
  • OR php5-suhosin-5.2.14-0.7.30.34 is installed
  • OR php5-sysvmsg-5.2.14-0.7.30.34 is installed
  • OR php5-sysvsem-5.2.14-0.7.30.34 is installed
  • OR php5-sysvshm-5.2.14-0.7.30.34 is installed
  • OR php5-tokenizer-5.2.14-0.7.30.34 is installed
  • OR php5-wddx-5.2.14-0.7.30.34 is installed
  • OR php5-xmlreader-5.2.14-0.7.30.34 is installed
  • OR php5-xmlrpc-5.2.14-0.7.30.34 is installed
  • OR php5-xmlwriter-5.2.14-0.7.30.34 is installed
  • OR php5-xsl-5.2.14-0.7.30.34 is installed
  • OR php5-zip-5.2.14-0.7.30.34 is installed
  • OR php5-zlib-5.2.14-0.7.30.34 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • apache2-mod_php5-5.2.14-0.7.30.34.1 is installed
  • OR php5-5.2.14-0.7.30.34.1 is installed
  • OR php5-bcmath-5.2.14-0.7.30.34.1 is installed
  • OR php5-bz2-5.2.14-0.7.30.34.1 is installed
  • OR php5-calendar-5.2.14-0.7.30.34.1 is installed
  • OR php5-ctype-5.2.14-0.7.30.34.1 is installed
  • OR php5-curl-5.2.14-0.7.30.34.1 is installed
  • OR php5-dba-5.2.14-0.7.30.34.1 is installed
  • OR php5-dbase-5.2.14-0.7.30.34.1 is installed
  • OR php5-dom-5.2.14-0.7.30.34.1 is installed
  • OR php5-exif-5.2.14-0.7.30.34.1 is installed
  • OR php5-fastcgi-5.2.14-0.7.30.34.1 is installed
  • OR php5-ftp-5.2.14-0.7.30.34.1 is installed
  • OR php5-gd-5.2.14-0.7.30.34.1 is installed
  • OR php5-gettext-5.2.14-0.7.30.34.1 is installed
  • OR php5-gmp-5.2.14-0.7.30.34.1 is installed
  • OR php5-hash-5.2.14-0.7.30.34.1 is installed
  • OR php5-iconv-5.2.14-0.7.30.34.1 is installed
  • OR php5-json-5.2.14-0.7.30.34.1 is installed
  • OR php5-ldap-5.2.14-0.7.30.34.1 is installed
  • OR php5-mbstring-5.2.14-0.7.30.34.1 is installed
  • OR php5-mcrypt-5.2.14-0.7.30.34.1 is installed
  • OR php5-mysql-5.2.14-0.7.30.34.1 is installed
  • OR php5-odbc-5.2.14-0.7.30.34.1 is installed
  • OR php5-openssl-5.2.14-0.7.30.34.1 is installed
  • OR php5-pcntl-5.2.14-0.7.30.34.1 is installed
  • OR php5-pdo-5.2.14-0.7.30.34.1 is installed
  • OR php5-pear-5.2.14-0.7.30.34.1 is installed
  • OR php5-pgsql-5.2.14-0.7.30.34.1 is installed
  • OR php5-pspell-5.2.14-0.7.30.34.1 is installed
  • OR php5-shmop-5.2.14-0.7.30.34.1 is installed
  • OR php5-snmp-5.2.14-0.7.30.34.1 is installed
  • OR php5-soap-5.2.14-0.7.30.34.1 is installed
  • OR php5-suhosin-5.2.14-0.7.30.34.1 is installed
  • OR php5-sysvmsg-5.2.14-0.7.30.34.1 is installed
  • OR php5-sysvsem-5.2.14-0.7.30.34.1 is installed
  • OR php5-sysvshm-5.2.14-0.7.30.34.1 is installed
  • OR php5-tokenizer-5.2.14-0.7.30.34.1 is installed
  • OR php5-wddx-5.2.14-0.7.30.34.1 is installed
  • OR php5-xmlreader-5.2.14-0.7.30.34.1 is installed
  • OR php5-xmlrpc-5.2.14-0.7.30.34.1 is installed
  • OR php5-xmlwriter-5.2.14-0.7.30.34.1 is installed
  • OR php5-xsl-5.2.14-0.7.30.34.1 is installed
  • OR php5-zip-5.2.14-0.7.30.34.1 is installed
  • OR php5-zlib-5.2.14-0.7.30.34.1 is installed
  • BACK