CVE-2012-1171

PHP 5.x - Unauthenticated Arbitrary File Read via libxml Custom Stream Wrapper

Title source: llm

Description

The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.

References (4)

Core 4

Core References

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=802591

Various Sources x_refsource_confirm

https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-write.phpt

View Writeup ZIP pw:eip

Various Sources x_refsource_misc

https://bugs.php.net/bug.php?id=61367

Vendor Advisory x_refsource_confirm

https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-read.phpt

View Writeup ZIP pw:eip

Scores

EPSS 0.0016

EPSS Percentile 36.6%

Details

CWE

CWE-200

Status published

Products (43)

php/php 5.0.0 (8 CPE variants)

php/php 5.0.1

php/php 5.0.2

php/php 5.0.3

php/php 5.0.4

php/php 5.0.5

php/php 5.1.0

php/php 5.1.1

php/php 5.1.2

php/php 5.1.3

... and 33 more

Published Feb 15, 2014

Tracked Since Feb 18, 2026