Lucene search

[email protected]CVE-2012-2329

HistoryMay 11, 2012 - 10:15 a.m.

CVE-2012-2329

2012-05-1110:15:00

CWE-119

[email protected]

web.nvd.nist.gov

120

cve-2012-2329

buffer overflow

php 5.4.x

remote attack

denial of service

nvd

6.5 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.606 Medium

EPSS

Percentile

97.7%

JSON

Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.

CPENameOperatorVersion
php:phpphpeq5.4.2
php:phpphpeq5.4.0
php:phpphpeq5.4.1

CPE	Name	Operator	Version
php:php	php	eq	5.4.2
php:php	php	eq	5.4.0
php:php	php	eq	5.4.1

References

secunia.com/advisories/49014

www.php.net/archive/2012.php#id2012-05-08-1

www.php.net/ChangeLog-5.php#5.4.3

www.securityfocus.com/bid/53455

bugs.php.net/bug.php?id=61807

bugzilla.redhat.com/show_bug.cgi?id=820000

exchange.xforce.ibmcloud.com/vulnerabilities/75545

h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862

6.5 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.606 Medium

EPSS

Percentile

97.7%

JSON

Related for CVE-2012-2329

prion1 attackerkb1 ubuntucve1 packetstorm1 checkpoint_advisories1 metasploit1 openvas18 fedora7 nessus6 freebsd1 threatpost1 f52 securityvulns4