CVE-2012-0830

Severity

75%

Complexity

99%

Confidentiality

106%

The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.

The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 13 years ago

2012-02-06 20:55:00

Last updated 7 years ago

2018-01-09 02:29:00

Affected Software

PHP 5.3.9

5.3.9

References

HPSBMU02786

APPLE-SA-2012-05-09-1

SUSE-SU-2012:0411

openSUSE-SU-2012:0426

SSRT100856

[oss-security] 20120202 PHP remote code execution introduced via HashDoS fix

[oss-security] 20120203 Re: PHP remote code execution introduced via HashDoS fix

RHSA-2012:0092

47801

47806

Vendor Advisory

47813

48668

1026631

http://support.apple.com/kb/HT5281

http://svn.php.net/viewvc?view=revision&revision=323007

http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/

Exploit

DSA-2403

http://www.h-online.com/security/news/item/Critical-PHP-vulnerability-being-fixed-1427316.html

78819

http://www.php.net/ChangeLog-5.php#5.3.10

51830

Exploit

php-phpregistervariableex-code-exec(72911)

https://gist.github.com/1725489

Exploit

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.