CVE-2016-5385 (retired)

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18
namespace conflicts and therefore does not protect applications from the
presence of untrusted client data in the HTTP_PROXY environment variable,
which might allow remote attackers to redirect an application's outbound
HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an
HTTP request, as demonstrated by (1) an application that makes a
getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an
"httpoxy" issue.
More Information

Updated: 2019-03-26 12:22:09 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)