CVE-2004-0530 : The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path,

The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path.

Published 2004-08-06 04:00:00

Updated 2017-07-11 01:30:14

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2004-0530

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-0530

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2004-0530

https://exchange.xforce.ibmcloud.com/vulnerabilities/16310
http://www.securityfocus.com/bid/10461
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.419765

Patch;Vendor Advisory

Vulnerability Details : CVE-2004-0530

Exploit prediction scoring system (EPSS) score for CVE-2004-0530

CVSS scores for CVE-2004-0530

References for CVE-2004-0530