CVE-2009-5054

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2009-5054

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2009-5054.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2009-5054

Aliases

GHSA-6m9f-8vwq-97pm

Downstream

DEBIAN-CVE-2009-5054

Withdrawn

2026-01-27T04:10:07.124494Z

Published

2011-02-03T17:00:01Z

Modified

2026-01-27T04:10:07.124494Z

Summary

[none]

Details

Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations.

References

http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt

CVE-2009-5054

Affected packages