PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed.
GSA_kwCzR0hTQS14NDNnLWdqOXgtODM4eM4AAq96
PhantomJS Arbitrary File Read
| Affected Packages | Affected Versions | Fixed Versions | |
|---|---|---|---|
|
npm:phantomjs
PURL:
pkg:npm/phantomjs
|
<= 2.1.1 | No known fixed version | |
Affected Version RangesAll affected versions0.0.1, 0.0.2, 0.0.3, 0.0.4, 0.0.5, 0.0.6, 0.0.7, 0.0.8, 0.0.9, 0.1.0, 0.1.1, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.2.4, 0.2.5, 0.2.6, 1.8.0-1, 1.8.1-1, 1.8.1-2, 1.8.1-3, 1.8.2-0, 1.8.2-1, 1.8.2-2, 1.8.2-3, 1.9.0-0, 1.9.0-1, 1.9.0-2, 1.9.0-3, 1.9.0-4, 1.9.0-5, 1.9.0-6, 1.9.1-0, 1.9.1-2, 1.9.1-3, 1.9.1-4, 1.9.1-5, 1.9.1-6, 1.9.1-7, 1.9.1-8, 1.9.1-9, 1.9.2-0, 1.9.2-1, 1.9.2-2, 1.9.2-3, 1.9.2-4, 1.9.2-5, 1.9.2-6, 1.9.6-0, 1.9.7-1, 1.9.7-3, 1.9.7-4, 1.9.7-5, 1.9.7-6, 1.9.7-7, 1.9.7-8, 1.9.7-9, 1.9.7-10, 1.9.7-11, 1.9.7-12, 1.9.7-13, 1.9.7-14, 1.9.7-15, 1.9.8, 1.9.9, 1.9.10, 1.9.11, 1.9.12, 1.9.13, 1.9.15, 1.9.16, 1.9.17, 1.9.18, 1.9.19, 1.9.20, 2.1.1 |
|||