CVE-2012-2386 in PHP信息

摘要

由 VulDB • 2026-06-26

PHP中phar扩展的tar.c文件中的phar_parse_tarfile函数存在整数溢出漏洞,该漏洞影响5.3.14之前的版本以及5.4.x系列中早于5.4.4的版本。远程攻击者可通过构造恶意tar文件触发基于堆的缓冲区溢出(heap-based buffer overflow),从而导致拒绝服务(应用程序崩溃)或可能执行任意代码。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!