sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the ‘d’ case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.

References

eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/

lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html

secunia.com/advisories/49014

secunia.com/advisories/49085

support.apple.com/kb/HT5501

www.debian.org/security/2012/dsa-2465

www.kb.cert.org/vuls/id/520827

www.php.net/archive/2012.php

www.php.net/ChangeLog-5.php

www.securitytracker.com/id?1027022

bugs.php.net/bug.php?id=61910

bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff-fix-check.patch&revision=1336093719&display=1

h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862

marc.info/?l=bugtraq&m=134012830914727&w=2

openvas 59

fedora 15

nessus 33

suse 4

cert 2

ubuntucve 3

cvelist 4

nvd 4

ubuntu 1

cve 4

debian 1

freebsd 2

exploitdb 3

threatpost 11

osv 1

checkpoint_advisories 1

amazon 1

thn 5

saint 4

symantec 1

centos 2

packetstorm 6

seebug 7

exploitpack 3

metasploit 1

redhat 5

cisa_kev 2

attackerkb 2

prion 3

securityvulns 2

oraclelinux 2

zdt 1

canvas 1

veracode 1

nuclei 1

hackerone 1

openvas

SuSE Update for update openSUSE-SU-2012:0590-1 (update)

2012-12-13 00:00:00

Fedora Update for maniadrive FEDORA-2012-7567

2012-05-28 00:00:00

Fedora Update for php-eaccelerator FEDORA-2012-7567

2012-05-28 00:00:00

fedora

[SECURITY] Fedora 16 Update: maniadrive-1.2-32.fc16.5

2012-05-27 01:52:21

[SECURITY] Fedora 15 Update: php-eaccelerator-0.9.6.1-9.fc15.5

2012-05-27 07:21:55

[SECURITY] Fedora 15 Update: maniadrive-1.2-32.fc15.5

2012-05-27 07:21:55

nessus

Fedora 15 : maniadrive-1.2-32.fc15.5 / php-5.3.13-1.fc15 / php-eaccelerator-0.9.6.1-9.fc15.5 (2012-7567)

2012-05-29 00:00:00

Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : php5 vulnerability (USN-1437-1)

2012-05-07 00:00:00

openSUSE Security Update : php5 (openSUSE-SU-2012:0590-1)

2014-06-13 00:00:00

suse

update for php5 (critical)

2012-05-07 16:08:55

Security update for PHP5 (critical)

2012-05-09 02:08:18

Security update for PHP5 (critical)

2012-05-09 06:08:17

cert

PHP-CGI query string parameter vulnerability

2012-05-03 00:00:00

Parallels Plesk Panel phppath/php vulnerability

2013-06-07 00:00:00

ubuntucve

CVE-2012-2311

2012-05-04 00:00:00

CVE-2012-1823

2012-05-03 00:00:00

CVE-2012-2335

2012-05-11 00:00:00

cvelist

CVE-2012-2311

2012-05-11 10:00:00

CVE-2012-1823

2012-05-11 10:00:00

CVE-2012-2336

2012-05-11 10:00:00

nvd

CVE-2012-2311

2012-05-11 10:15:48

CVE-2012-1823

2012-05-11 10:15:48

CVE-2012-2336

2012-05-11 10:15:48

ubuntu

PHP vulnerability

2012-05-04 00:00:00

cve

CVE-2012-2311

2012-05-11 10:15:48

CVE-2012-1823

2012-05-11 10:15:48

CVE-2013-4878

2022-10-03 16:14:57

debian

[SECURITY] [DSA 2465-1] php5 security update

2012-05-09 17:23:53

freebsd

php -- multiple vulnerabilities

2012-05-08 00:00:00

php -- vulnerability in certain CGI-based setups

2012-05-03 00:00:00

exploitdb

Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (2)

2013-11-01 00:00:00

Plesk < 9.5.4 - Remote Command Execution

2013-06-05 00:00:00

PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection

2012-05-05 00:00:00

threatpost

PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug

2012-05-04 14:26:46

Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw

2012-05-09 14:32:23

U.S. Cyber Command Using Classified Intel To Scare CEOs To Action

2012-05-09 18:39:14

osv

php5 - several

2012-05-09 00:00:00

checkpoint_advisories

PHP php-cgi Query String Parameter Code Execution (CVE-2012-1823; CVE-2012-2311; CVE-2012-2335; CVE-2012-2336; CVE-2013-4878)

2012-05-14 00:00:00

amazon

Critical: php

2012-05-09 14:54:00

thn

Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability

2013-11-30 09:08:00

Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies

2014-03-19 22:26:00

Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability

2013-11-30 20:08:00

saint

PHP CGI Query String Parameters Command Execution

2012-05-15 00:00:00

PHP CGI Query String Parameters Command Execution

2012-05-15 00:00:00

PHP CGI Query String Parameters Command Execution

2012-05-15 00:00:00

symantec

PHP 'php-cgi' Information Disclosure Vulnerability

2012-05-04 00:00:00

centos

php security update

2012-05-07 21:09:19

php53 security update

2012-05-07 23:01:16

packetstorm

PHP-CGI Argument Injection Remote Code Execution

2012-12-24 00:00:00

PHP CGI Argument Injection

2012-05-22 00:00:00

Apache + PHP 5.x Remote Code Execution Python Exploit #2

2013-10-31 00:00:00

seebug

Apache / PHP 5.x Remote Code Execution Exploit

2013-10-31 00:00:00

PHP CGI Argument Injection

2014-07-01 00:00:00

PHP-CGI Argument Injection Remote Code Execution

2012-12-25 00:00:00

exploitpack

PHP 5.3.12 5.4.2 - CGI Argument Injection

2012-05-05 00:00:00

Apache + PHP 5.3.12 5.4.2 - cgi-bin Remote Code Execution

2013-10-29 00:00:00

Plesk 9.5.4 - Remote Command Execution

2013-06-05 00:00:00

metasploit

PHP CGI Argument Injection

2012-05-09 16:01:15

redhat

(RHSA-2012:0568) Critical: php security update

2012-05-10 00:00:00

(RHSA-2012:0569) Critical: php53 security update

2012-05-10 00:00:00

(RHSA-2012:0546) Critical: php security update

2012-05-07 00:00:00

cisa_kev

PHP-CGI Query String Parameter Vulnerability

2022-03-25 00:00:00

PHP-CGI OS Command Injection Vulnerability

2024-06-12 00:00:00

attackerkb

CVE-2012-1823

2012-05-11 00:00:00

CVE-2013-4878

2013-07-18 00:00:00

prion

Design/Logic Flaw

2012-05-11 10:15:00

Design/Logic Flaw

2012-05-11 10:15:00

Default configuration

2013-07-18 16:51:00

securityvulns

PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version

2012-05-24 00:00:00

PHP multiple security vulnerabilities

2012-05-24 00:00:00

oraclelinux

php security update

2012-05-07 00:00:00

php53 security update

2012-05-07 00:00:00

zdt

Apache Magicka Remote Code Execution Vulnerability

2013-10-31 00:00:00

canvas

Immunity Canvas: PHP_CGI_REMOTE

2012-05-11 10:15:00

veracode

Arbitrary Code Execution

2019-01-15 08:51:10

nuclei

PHP CGI v5.3.12/5.4.2 Remote Code Execution

2021-07-20 09:32:27

hackerone

curl: Incorrect Encoding Conversion in hostname results in indeterminate SSRF vulnerabilities

2024-06-14 08:39:46

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

Confidence

Low

EPSS

0.937

Percentile

99.2%

JSON

Related for PRION:CVE-2012-2311