Red Hat Security Advisory 2012-1045-01

newsbot

newsbot

RSS Feed
Red Hat Security Advisory 2012-1045-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations content. Note: This update disables file writing by default. A new PHP configuration directive, "xsl.security_prefs", can be used to enable file writing in XSLT.

Weiterlesen...
 

Ähnliche Themen

Zugriff Ubuntu 16.04. auf Freigabe 18.04. LTS nicht möglich

Red Hat Security Advisory 2012-1046-01

Red Hat Security Advisory 2012-1047-01

Red Hat Security Advisory 2012-1265-01

Red Hat Security Advisory 2013-0129-01

Zurück
Oben