CVE-2012-1050
Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1.5p7, when configured with the * construct for mass virtual hosting, allows remote attackers to read arbitrary files via a crafted Host header.
Date published : 2012-02-13
http://archives.neohapsis.com/archives/bugtraq/2012-02/0025.html