Описание
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 5.3.10-1ubuntu1 |
| hardy | released | 5.2.4-2ubuntu5.22 |
| lucid | released | 5.3.2-1ubuntu4.13 |
| maverick | released | 5.3.3-1ubuntu9.9 |
| natty | released | 5.3.5-1ubuntu7.6 |
| oneiric | released | 5.3.6-13ubuntu3.5 |
| upstream | released | 5.3.9-1 |
Показывать по
EPSS
6.4 Medium
CVSS2
Связанные уязвимости
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
PHP before 5.3.9 has improper libxslt security settings, which allows ...
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
Уязвимость библиотеки libxslt интерпретатора языка программирования PHP, позволяющая нарушителю создать произвольные файлы
EPSS
6.4 Medium
CVSS2