PHP Security Bypass Vulnerability Network Vulnerability

Summary

PHP is prone to a security-bypass vulnerability. Remote attackers can exploit this issue to bypass certain security restrictions and create arbitrary files in the context of the application. Versions prior to PHP 5.3.9 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://www.php.net/
http://www.php.net/ChangeLog-5.php
http://www.securityfocus.com/bid/51806
https://bugs.php.net/bug.php?id=54446
https://bugzilla.redhat.com/show_bug.cgi?id=782657

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0057

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N

Related Vulnerabilities

Apache Error Log Escape Sequence Injection
Avant Browser Address Bar Spoofing Vulnerability
Adobe Reader Information Disclosure Vulnerability Jun05 (Windows)
Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)
Brother HL-5370DW Printer 'post/panel.html' Security Bypass Vulnerability

Take action and discover your vulnerabilities