Lucene search
PRIOn knowledge basePRION:CVE-2012-3450HistoryAug 06, 2012 - 4:55 p.m.
Out-of-bounds
2012-08-0616:55:00
PRIOn knowledge base
www.prio-n.com
11
pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value.
References
lists.opensuse.org/opensuse-security-announce/2012-08/msg00021.html
seclists.org/bugtraq/2012/Jun/60
www.debian.org/security/2012/dsa-2527
www.mandriva.com/security/advisories?name=MDVSA-2012:108
www.openwall.com/lists/oss-security/2012/08/02/3
www.openwall.com/lists/oss-security/2012/08/02/7
www.php.net/ChangeLog-5.php
www.ubuntu.com/usn/USN-1569-1
bugs.php.net/bug.php?id=61755
bugzilla.novell.com/show_bug.cgi?id=769785
Related
cvelist
cvelist
CVE-2012-3450
2012-08-06 16:00:00
nvd
nvd
CVE-2012-3450
2012-08-06 16:55:05
openvas
openvas
PHP pdo_sql_parser.re 'PDO' Extension DoS Vulnerability - Windows
2012-08-27 00:00:00
Debian Security Advisory DSA 2527-1 (php5)
2012-08-30 00:00:00
Debian: Security Advisory (DSA-2527-1)
2012-08-30 00:00:00
cve
cve
CVE-2012-3450
2012-08-06 16:55:05
ubuntucve
ubuntucve
CVE-2012-3450
2012-08-06 00:00:00
debian
debian
[SECURITY] [DSA 2527-1] php5 security update
2012-08-13 18:16:56
nessus
nessus
Debian DSA-2527-1 : php5 - several vulnerabilities
2012-08-14 00:00:00
SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6634)
2013-01-25 00:00:00
PHP 5.4.x < 5.4.4 Multiple Vulnerabilities
2012-06-15 00:00:00
osv
osv
php5 - several
2012-08-13 00:00:00
suse
suse
Security update for PHP5 (important)
2012-08-24 09:08:27
securityvulns
securityvulns
PHP security vulnerabilities
2012-07-30 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2012-09-17 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2012-09-24 00:00:00