Description
The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.
Remediation
References
Related Vulnerabilities
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3385)
WordPress Plugin WP Social Feed Gallery Unspecified Vulnerability (2.1.1)
Apache HTTP Server Other Vulnerability (CVE-2000-0505)
MySQL CVE-2018-2782 Vulnerability (CVE-2018-2782)
WordPress Plugin NextGEN Gallery-WordPress Gallery SQL Injection (2.1.77)