Описание
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-0057
- https://bugs.php.net/bug.php?id=54446
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72908
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
- http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html
- http://openwall.com/lists/oss-security/2012/01/13/10
- http://openwall.com/lists/oss-security/2012/01/13/4
- http://openwall.com/lists/oss-security/2012/01/13/5
- http://openwall.com/lists/oss-security/2012/01/13/6
- http://openwall.com/lists/oss-security/2012/01/13/7
- http://openwall.com/lists/oss-security/2012/01/14/1
- http://openwall.com/lists/oss-security/2012/01/14/2
- http://openwall.com/lists/oss-security/2012/01/14/3
- http://openwall.com/lists/oss-security/2012/01/15/1
- http://openwall.com/lists/oss-security/2012/01/15/10
- http://openwall.com/lists/oss-security/2012/01/15/2
- http://openwall.com/lists/oss-security/2012/01/18/3
- http://php.net/ChangeLog-5.php#5.3.9
- http://secunia.com/advisories/48668
- http://www.debian.org/security/2012/dsa-2399
EPSS
CVE ID
Связанные уязвимости
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
PHP before 5.3.9 has improper libxslt security settings, which allows ...
Уязвимость библиотеки libxslt интерпретатора языка программирования PHP, позволяющая нарушителю создать произвольные файлы
EPSS