Description

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.

Remediation

References

CVE-2012-0057

Related Vulnerabilities

WordPress Plugin Relevanssi Premium-A Better Search Cross-Site Scripting (1.14.8)

WordPress Plugin FluentSMTP-WP Mail SMTP, Amazon SES, SendGrid, MailGun and Any SMTP Connector Cross-Site Scripting (2.2.4)

WordPress Plugin Disable Image Right Click Cross-Site Scripting (1.0)

Oracle Database Server CVE-2008-1821 Vulnerability (CVE-2008-1821)

WordPress Plugin StreamCast-Radio Player for WordPress Cross-Site Scripting (2.1)

Severity

Medium

Classification

CVE-2012-0057 CWE-264

Tags

Missing Update Known Vulnerabilities