Vulnerability Details CVE-2009-3558
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.042
EPSS Ranking 88.3%
CVSS Severity
CVSS v2 Score 6.8
Products affected by CVE-2009-3558