Lucene search

FreeBSD2CDE1892-913E-11E1-B44C-001FD0AF1A4C

HistoryMar 01, 2012 - 12:00 a.m.

php -- multiple vulnerabilities

2012-03-0100:00:00

vuxml.freebsd.org

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.035 Low

EPSS

Percentile

91.4%

JSON

php development team reports:

Security Enhancements for both PHP 5.3.11 and PHP 5.4.1:

Insufficient validating of upload name leading to corrupted $_FILES indices. (CVE-2012-1172)
Add open_basedir checks to readline_write_history and readline_read_history.

Security Enhancements for both PHP 5.3.11 only:

Regression in magic_quotes_gpc fix for CVE-2012-0831.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphp53< 5.3.11UNKNOWN
FreeBSDanynoarchphp5< 5.3.11UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	php53	< 5.3.11	UNKNOWN
FreeBSD	any	noarch	php5	< 5.3.11	UNKNOWN

References

www.php.net/archive/2012.php#id2012-04-26-1

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.035 Low

EPSS

Percentile

91.4%

JSON

Related for 2CDE1892-913E-11E1-B44C-001FD0AF1A4C