CVE-2012-0057

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:P/I:P/A:N
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
phpphp
𝑥
≤ 5.3.8
phpphp
5.0.0
phpphp
5.0.0
phpphp
5.0.0
phpphp
5.0.0
phpphp
5.0.0
phpphp
5.0.0
phpphp
5.0.0
phpphp
5.0.0
phpphp
5.0.1
phpphp
5.0.2
phpphp
5.0.3
phpphp
5.0.4
phpphp
5.0.5
phpphp
5.1.0
phpphp
5.1.1
phpphp
5.1.2
phpphp
5.1.3
phpphp
5.1.4
phpphp
5.1.5
phpphp
5.1.6
phpphp
5.2.0
phpphp
5.2.1
phpphp
5.2.2
phpphp
5.2.3
phpphp
5.2.4
phpphp
5.2.5
phpphp
5.2.6
phpphp
5.2.7
phpphp
5.2.8
phpphp
5.2.9
phpphp
5.2.10
phpphp
5.2.11
phpphp
5.2.12
phpphp
5.2.13
phpphp
5.2.14
phpphp
5.2.15
phpphp
5.2.16
phpphp
5.2.17
phpphp
5.3.0
phpphp
5.3.1
phpphp
5.3.2
phpphp
5.3.3
phpphp
5.3.4
phpphp
5.3.5
phpphp
5.3.6
phpphp
5.3.7
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
php5
oneiric
Fixed 5.3.6-13ubuntu3.5
released
natty
Fixed 5.3.5-1ubuntu7.6
released
maverick
Fixed 5.3.3-1ubuntu9.9
released
lucid
Fixed 5.3.2-1ubuntu4.13
released
hardy
Fixed 5.2.4-2ubuntu5.22
released
Common Weakness Enumeration
References