Description
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Smart Slider 3 Cross-Site Scripting (3.5.0.8)
WordPress Plugin WordPress File Upload Directory Traversal (4.12.2)
Jenkins CVE-2023-43494 Vulnerability (CVE-2023-43494)
Joomla! Core 3.x.x Multiple Vulnerabilities (3.0.0 - 3.10.6)
WordPress Plugin Special Text Boxes Unspecified Vulnerability (5.5.102)