Description

ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.

Remediation

References

CVE-2013-1635

Related Vulnerabilities

Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-34254)

PHP Numeric Errors Vulnerability (CVE-2011-1466)

MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-36129)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19217)

Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6446)

Severity

High

Classification

CVE-2013-1635 CWE-264

Tags

Missing Update Known Vulnerabilities