← volver
CVE-2012-1171

CVE-2012-1171

EPSS 2.8%
The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugs.php.net/bug.php?id=61367https://bugzilla.redhat.com/show_bug.cgi?id=802591https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-read.phpthttps://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-write.phpt