Unrated severityNVD Advisory· Published Jun 8, 2014· Updated May 6, 2026
CVE-2014-3981
CVE-2014-3981
Description
acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- bugs.php.net/bug.phpnvdPatchVendor Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2014/06/06/12nvdMailing ListThird Party Advisory
- seclists.org/fulldisclosure/2014/Jun/21nvdMailing ListThird Party Advisory
- support.apple.com/kb/HT6443nvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlnvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- support.apple.com/HT204659nvdThird Party Advisory
- lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlnvdMailing List
News mentions
0No linked articles in our index yet.