{
  "modified": "2025-08-09T19:01:29Z",
  "published": "2011-02-03T17:00:01Z",
  "id": "CVE-2009-5054",
  "details": "Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations.",
  "references": [
    {
      "type": "WEB",
      "url": "http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt"
    }
  ]
}