Lucene search

K
attackerkbAttackerKBAKB:0E540893-4BAD-42B2-9EEE-658ADE8002D8
HistoryMay 11, 2012 - 12:00 a.m.

CVE-2012-2329 PHP Apache Request Headers

2012-05-1100:00:00
attackerkb.com
15

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.606 Medium

EPSS

Percentile

97.8%

Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.

Recent assessments:

wchen-r7 at September 12, 2019 6:07pm UTC reported:

ā€”
ā€`

References

<http://www.php.net/ChangeLog-5.php#5.4.3&gt;
Fixed bug #61807 Buffer Overflow in apache_request_headers, CVE-2012-2329. => Bug private at the moment of writing

<http://www.securityfocus.com/bid/53455&gt;

Redhat, include patches:
<https://bugzilla.redhat.com/show_bug.cgi?id=820000&gt;

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.606 Medium

EPSS

Percentile

97.8%