CVE-2012-2335 in PHP
Resumen (Inglés)
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Reservar
2012-04-19
Divulgación
2012-05-11
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 60731 | PHP Wrapper escalada de privilegios | 264 | No está definido | No está definido | CVE-2012-2335 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV