Description
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
Remediation
References
Related Vulnerabilities
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3250)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0800)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0763)
TYPO3 Improper Input Validation Vulnerability (CVE-2009-0258)