Description
The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
Remediation
References
Related Vulnerabilities
Artifactory Improper Input Validation Vulnerability (CVE-2016-6501)
WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (2.6.7)
WordPress Plugin Related Posts Lite Security Bypass (1.1)
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0441)