CVE-2013-1635
Publication date 6 March 2013
Last updated 24 July 2024
Ubuntu priority
ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.
Status
Package | Ubuntu Release | Status |
---|---|---|
php5 | 12.10 quantal | Ignored |
12.04 LTS precise | Ignored | |
11.10 oneiric | Ignored | |
10.04 LTS lucid | Ignored | |
8.04 LTS hardy | Ignored |
Notes
Patch details
Package | Patch details |
---|---|
php5 |