CVE-2017-5630

Posted on by admin

CVE-2017-5630

PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite.

Source: CVE-2017-5630

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다