CVE-2012-0788 in PHPinfo

Summary

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

01/19/2012

Disclosure

02/14/2012

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-20 (Confirmed)

Exploit

Download

CVSS

5.3

EPSS

0.05214

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-0788
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-0788
CVE Details	https://www.cvedetails.com/cve/CVE-2012-0788/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!