Description

The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.

Remediation

References

CVE-2012-1171

Related Vulnerabilities

Artifactory Improper Input Validation Vulnerability (CVE-2016-6501)

WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (2.6.7)

Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6186)

WordPress Plugin Related Posts Lite Security Bypass (1.1)

PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0441)

Severity

Medium

Classification

CVE-2012-1171 CWE-200

Tags

Missing Update Known Vulnerabilities