Medium severity6.5NVD Advisory· Published May 16, 2016· Updated Jun 17, 2026
CVE-2015-3411
CVE-2015-3411
Description
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
47cpe:2.3:a:php:php:*:*:*:*:*:*:*:*+ 33 more
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*range: <=5.4.39
- cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
- (no CPE)range: 5.4.x < 5.4.40, 5.5.x < 5.5.24, 5.6.x < 5.6.8
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- osv-coords5 versionspkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/php5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012pkg:rpm/suse/php5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/php74&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012pkg:rpm/suse/php74&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 5.3.17-47.1+ 4 more
- (no CPE)range: < 5.3.17-47.1
- (no CPE)range: < 5.5.14-30.1
- (no CPE)range: < 5.5.14-30.1
- (no CPE)range: < 7.4.33-1.50.2
- (no CPE)range: < 7.4.33-1.50.2
Patches
Vulnerability mechanics
References
10- bugs.php.net/bug.phpnvdExploit
- git.php.netnvd
- php.net/ChangeLog-5.phpnvd
- rhn.redhat.com/errata/RHSA-2015-1135.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1186.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1187.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1218.htmlnvd
- www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlnvd
- www.securityfocus.com/bid/75255nvd
- www.securitytracker.com/id/1032709nvd
News mentions
0No linked articles in our index yet.