Vulnerability Details : CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter.
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2014-2383
Probability of exploitation activity in the next 30 days: 0.51%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 76 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-2383
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2014-2383
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-2383
-
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2383/
CVE-2014-2383 - PortcullisBroken Link
-
https://explore.avertium.com/resource/lfi-rfi-escalation-to-rce
CVE-2014-2383: LFI/RFI Escalation to RCE
-
https://github.com/dompdf/dompdf/commit/23a693993299e669306929e3d49a4a1f7b3fb028
Remove pre-processing of PHP code, disallow I/O streams as file input · dompdf/dompdf@23a6939 · GitHubPatch;Third Party Advisory
-
http://seclists.org/fulldisclosure/2014/Apr/258
Full Disclosure: CVE-2014-2383 - Arbitrary file read in dompdfMailing List;Third Party Advisory
-
http://www.securityfocus.com/archive/1/531912/100/0/threaded
SecurityFocusBroken Link;Third Party Advisory;VDB Entry
Products affected by CVE-2014-2383
- cpe:2.3:a:dompdf:dompdf:*:beta3:*:*:*:*:*:*