Lucene search
HistoryJan 19, 2013 - 9:55 p.m.
CVE-2012-6113
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.005
Percentile
75.7%
The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 through 5.3.13 does not initialize a certain variable, which allows remote attackers to obtain sensitive information from process memory by providing zero bytes of input data.
Affected configurations
Node
phpphpMatch5.3.9
ORphpphpMatch5.3.10
ORphpphpMatch5.3.11
ORphpphpMatch5.3.12
ORphpphpMatch5.3.13
Related
cve
cve
CVE-2012-6113
2013-01-19 21:55:01
ubuntucve
ubuntucve
CVE-2012-6113
2013-01-18 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1702-1)
2013-01-24 00:00:00
Ubuntu Update for php5 USN-1702-1
2013-01-24 00:00:00
seebug
seebug
PHP 'openssl_encrypt()'ĺ˝ć°äżĄćŻćłé˛ćźć´
2013-01-22 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : php5 vulnerability (USN-1702-1)
2013-01-23 00:00:00
PHP 5.3.x < 5.3.14 / 5.4.x < 5.4.4 Multiple Vulnerabilities
2016-02-25 00:00:00
PHP 5.3.x < 5.3.14 Multiple Vulnerabilities
2012-06-15 00:00:00
securityvulns
securityvulns
PHP information leakage
2013-01-27 00:00:00
cvelist
cvelist
CVE-2012-6113
2013-01-19 21:00:00
ubuntu
ubuntu
PHP vulnerability
2013-01-22 00:00:00
prion
prion
Input validation
2013-01-19 21:55:00
hackerone
hackerone
Yahoo!: Out of date version
2014-03-30 08:47:50
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.005
Percentile
75.7%
Related for NVD:CVE-2012-6113