CVE-2012-0057

MEDIUM

Description

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html

http://openwall.com/lists/oss-security/2012/01/13/10

http://openwall.com/lists/oss-security/2012/01/13/4

http://openwall.com/lists/oss-security/2012/01/13/5

http://openwall.com/lists/oss-security/2012/01/13/6

http://openwall.com/lists/oss-security/2012/01/13/7

http://openwall.com/lists/oss-security/2012/01/14/1

http://openwall.com/lists/oss-security/2012/01/14/2

http://openwall.com/lists/oss-security/2012/01/14/3

http://openwall.com/lists/oss-security/2012/01/15/1

http://openwall.com/lists/oss-security/2012/01/15/10

http://openwall.com/lists/oss-security/2012/01/15/2

http://openwall.com/lists/oss-security/2012/01/18/3

http://php.net/ChangeLog-5.php#5.3.9

http://secunia.com/advisories/48668

http://www.debian.org/security/2012/dsa-2399

https://bugs.php.net/bug.php?id=54446

https://exchange.xforce.ibmcloud.com/vulnerabilities/72908

Details

Source: MITRE

Published: 2012-02-02

Updated: 2018-01-18

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 6.4

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*

cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 5.3.8 (inclusive)

Tenable Plugins

View all (24 total)

ID	Name	Product	Family	Severity
74580	openSUSE Security Update : php5 (openSUSE-SU-2012:0426-1)	Nessus	SuSE Local Security Checks	high
68571	Oracle Linux 5 : php53 (ELSA-2012-1047)	Nessus	Oracle Linux Local Security Checks	high
68570	Oracle Linux 6 : php (ELSA-2012-1046)	Nessus	Oracle Linux Local Security Checks	high
68569	Oracle Linux 5 : php (ELSA-2012-1045)	Nessus	Oracle Linux Local Security Checks	medium
67089	CentOS 5 : php53 (CESA-2012:1047)	Nessus	CentOS Local Security Checks	high
62236	GLSA-201209-03 : PHP: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
61358	Scientific Linux Security Update : php on SL6.x i386/x86_64 (20120627)	Nessus	Scientific Linux Local Security Checks	high
61357	Scientific Linux Security Update : php on SL5.x i386/x86_64 (20120627)	Nessus	Scientific Linux Local Security Checks	medium
61356	Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20120627)	Nessus	Scientific Linux Local Security Checks	high
59938	CentOS 6 : php (CESA-2012:1046)	Nessus	CentOS Local Security Checks	high
59851	HP System Management Homepage < 7.1.1 Multiple Vulnerabilities	Nessus	Web Servers	critical
59753	RHEL 5 : php53 (RHSA-2012:1047)	Nessus	Red Hat Local Security Checks	high
59752	RHEL 6 : php (RHSA-2012:1046)	Nessus	Red Hat Local Security Checks	high
59751	RHEL 5 : php (RHSA-2012:1045)	Nessus	Red Hat Local Security Checks	medium
59738	CentOS 5 : php (CESA-2012:1045)	Nessus	CentOS Local Security Checks	medium
58740	SuSE 11.1 Security Update : PHP5 (SAT Patch Number 5964)	Nessus	SuSE Local Security Checks	high
58615	SuSE 11.2 Security Update : PHP5 (SAT Patch Number 5958)	Nessus	SuSE Local Security Checks	medium
58480	SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8009)	Nessus	SuSE Local Security Checks	high
57932	Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 regression (USN-1358-2)	Nessus	Ubuntu Local Security Checks	high
57888	Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 vulnerabilities (USN-1358-1)	Nessus	Ubuntu Local Security Checks	high
57753	Debian DSA-2399-2 : php5 - several vulnerabilities	Nessus	Debian Local Security Checks	high
801116	PHP < 5.3.9 Multiple Vulnerabilities	Log Correlation Engine	Web Servers	high
6263	PHP < 5.3.9 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	high
57537	PHP < 5.3.9 Multiple Vulnerabilities	Nessus	CGI abuses	high