Lucene search
HistoryFeb 14, 2012 - 3:55 p.m.
CVE-2012-0789
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
Low
0.077 Low
EPSS
Percentile
94.2%
Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.
Affected configurations
Node
phpphpRange≤5.3.8
ORphpphpMatch5.0.0
ORphpphpMatch5.0.0beta1
ORphpphpMatch5.0.0beta2
ORphpphpMatch5.0.0beta3
ORphpphpMatch5.0.0beta4
ORphpphpMatch5.0.0rc1
ORphpphpMatch5.0.0rc2
ORphpphpMatch5.0.0rc3
ORphpphpMatch5.0.1
ORphpphpMatch5.0.2
ORphpphpMatch5.0.3
ORphpphpMatch5.0.4
ORphpphpMatch5.0.5
ORphpphpMatch5.1.1
ORphpphpMatch5.1.2
ORphpphpMatch5.1.3
ORphpphpMatch5.1.4
ORphpphpMatch5.1.5
ORphpphpMatch5.1.6
ORphpphpMatch5.2.0
ORphpphpMatch5.2.1
ORphpphpMatch5.2.2
ORphpphpMatch5.2.3
ORphpphpMatch5.2.4
ORphpphpMatch5.2.5
ORphpphpMatch5.2.6
ORphpphpMatch5.2.7
ORphpphpMatch5.2.8
ORphpphpMatch5.2.9
ORphpphpMatch5.2.10
ORphpphpMatch5.2.11
ORphpphpMatch5.2.12
ORphpphpMatch5.2.14
ORphpphpMatch5.2.15
ORphpphpMatch5.2.16
ORphpphpMatch5.2.17
ORphpphpMatch5.3.0
ORphpphpMatch5.3.1
ORphpphpMatch5.3.2
ORphpphpMatch5.3.3
ORphpphpMatch5.3.4
ORphpphpMatch5.3.5
ORphpphpMatch5.3.6
ORphpphpMatch5.3.7
Related
cve
cve
CVE-2012-0789
2012-02-14 15:55:00
openvas
openvas
FreeBSD Ports: php5
2012-09-19 00:00:00
FreeBSD Ports: php5
2012-09-19 00:00:00
PHP Web Form Hash Collision Denial of Service Vulnerability - Windows
2012-01-03 00:00:00
prion
prion
Memory corruption
2012-02-14 15:55:00
ubuntucve
ubuntucve
CVE-2012-0789
2012-02-14 00:00:00
nessus
nessus
FreeBSD : php5 -- Denial of Service in php_date_parse_tzfile() (9b2a5e88-02b8-11e2-92d1-000d601460a4)
2012-09-20 00:00:00
RHEL 4 : php (Unpatched Vulnerability)
2024-06-03 00:00:00
PHP < 5.3.9 Multiple Vulnerabilities
2012-01-16 00:00:00
freebsd
freebsd
php5 -- Denial of Service in php_date_parse_tzfile()
2010-12-08 00:00:00
cvelist
cvelist
CVE-2012-0789
2012-02-14 15:00:00
oraclelinux
oraclelinux
php security update
2012-06-27 00:00:00
php53 security update
2012-06-27 00:00:00
php security update
2012-06-29 00:00:00
veracode
veracode
Denial Of Service (DoS) Or Directory Traversal
2019-05-02 04:42:12
Denial Of Service (DoS)
2019-05-02 04:42:12
Arbitrary Code Execution
2019-05-02 04:42:12
centos
centos
php security update
2012-06-27 20:21:47
php53 security update
2012-06-27 20:24:26
php security update
2012-07-10 17:36:22
redhat
redhat
(RHSA-2012:1045) Moderate: php security update
2012-06-27 00:00:00
(RHSA-2012:1047) Moderate: php53 security update
2012-06-27 00:00:00
(RHSA-2012:1046) Moderate: php security update
2012-06-27 00:00:00
suse
suse
Security update for PHP5 (important)
2012-03-24 03:08:28
update for php5 (important)
2012-03-29 15:08:14
Security update for PHP5 (important)
2012-04-12 23:08:15
gentoo
gentoo
PHP: Multiple vulnerabilities
2012-09-24 00:00:00
f5
f5
Multiple PHP vulnerabilities
2012-04-05 02:07:00
SOL13518 - Multiple PHP vulnerabilities
2012-04-04 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
Low
0.077 Low
EPSS
Percentile
94.2%
Related for NVD:CVE-2012-0789