← back
CVE-2012-1171

CVE-2012-1171

EPSS 2.8%
The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.php.net/bug.php?id=61367https://bugzilla.redhat.com/show_bug.cgi?id=802591https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-read.phpthttps://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-write.phpt