Description
The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.
Remediation
References
Related Vulnerabilities
Apache Tomcat Other Vulnerability (CVE-2000-0672)
WordPress Plugin WordPress Social Sharing-Social Warfare Cross-Site Scripting (3.5.3)
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.1)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3065)
Drupal 7PK - Security Features Vulnerability (CVE-2016-3163)