Name | CVE-2017-9841 |
Description | Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Debian Bugs | 866200 |
The table below lists information on source packages.
Source Package | Release | Version | Status
---|---|---|---
phpunit (PTS) | bullseye | 9.5.2-1 | fixed
phpunit (PTS) | bookworm | 9.6.7-1 | fixed
phpunit (PTS) | sid, trixie | 9.6.21-1 | fixed
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs
---|---|---|---|---|---|---
phpunit | source | wheezy | (not affected) | | |
phpunit | source | jessie | (not affected) | | |
phpunit | source | stretch | 5.4.6-2~deb9u1 | | |
phpunit | source | (unstable) | 5.4.6-2 | | | 866200
[jessie] - phpunit <not-affected> (Issue introduced later; vulnerable code not present)
[wheezy] - phpunit <not-affected> (Issue introduced later; vulnerable code not present)
https://github.com/sebastianbergmann/phpunit/pull/1956
https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5
http://phpunit.vulnbusters.com/