CVE-2012-1171

Name of the Vulnerable Software and Affected Versions PHP versions 5.x

Description The issue allows remote attackers to bypass the open basedir protection mechanism and read arbitrary files. This is achieved through vectors involving a stream close method call during the use of a custom stream wrapper. The exploitation of this issue may allow a remote attacker to disclose protected information by reading arbitrary files.

Recommendations For PHP version 5.x, consider disabling custom stream wrappers until a patch is available to prevent the exploitation of this issue. Restrict access to sensitive files and directories to minimize the risk of arbitrary file reading. At the moment, there is no information about a newer version that contains a fix for this vulnerability.