CVSS2: 7.5 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 0.894 High (Percentile: 98.4%)

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.

It was discovered that the fix for CVE-2011-4885 (released via
RHSA-2012:0019 for php53 packages in Red Hat Enterprise Linux 5) introduced
an uninitialized memory use flaw. A remote attacker could send a
specially-crafted HTTP request to cause the PHP interpreter to crash or,
possibly, execute arbitrary code. (CVE-2012-0830)

All php53 users should upgrade to these updated packages, which contain a
backported patch to resolve this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.

OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | x86_64 | php53-dba | < 5.3.3-1.el5_7.6 | php53-dba-5.3.3-1.el5_7.6.x86_64.rpm |
RedHat | 5 | ia64 | php53-pspell | < 5.3.3-1.el5_7.6 | php53-pspell-5.3.3-1.el5_7.6.ia64.rpm |
RedHat | 5 | i386 | php53-gd | < 5.3.3-1.el5_7.6 | php53-gd-5.3.3-1.el5_7.6.i386.rpm |
RedHat | 5 | ppc | php53-mbstring | < 5.3.3-1.el5_7.6 | php53-mbstring-5.3.3-1.el5_7.6.ppc.rpm |
RedHat | 5 | i386 | php53 | < 5.3.3-1.el5_7.6 | php53-5.3.3-1.el5_7.6.i386.rpm |
RedHat | 5 | i386 | php53-pspell | < 5.3.3-1.el5_7.6 | php53-pspell-5.3.3-1.el5_7.6.i386.rpm |
RedHat | 5 | i386 | php53-bcmath | < 5.3.3-1.el5_7.6 | php53-bcmath-5.3.3-1.el5_7.6.i386.rpm |
RedHat | 5 | x86_64 | php53-mysql | < 5.3.3-1.el5_7.6 | php53-mysql-5.3.3-1.el5_7.6.x86_64.rpm |
RedHat | 5 | x86_64 | php53-ldap | < 5.3.3-1.el5_7.6 | php53-ldap-5.3.3-1.el5_7.6.x86_64.rpm |
RedHat | 5 | i386 | php53-odbc | < 5.3.3-1.el5_7.6 | php53-odbc-5.3.3-1.el5_7.6.i386.rpm |
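
To check a host against the fixed version in the table above, the following added example (not part of the advisory or of any Red Hat tooling) flags installed php53 packages older than 5.3.3-1.el5_7.6. It assumes the input is the output of `rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE} %{ARCH}\n'`, that the packages carry no epoch, and it uses a simplified RPM version comparison without the tilde/caret extensions; the sample lines are constructed.

```python
import re

# Fixed version and release taken from the advisory's package table.
FIXED = ("5.3.3", "1.el5_7.6")

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Compare two RPM version or release strings; returns -1, 0 or 1.
    Simplified form of rpm's segment rules (no tilde/caret handling)."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)          # numeric segments compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment is newer than alphabetic
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def is_vulnerable(name, version, release):
    """True for a php53 package older than the fixed version-release."""
    if name != "php53" and not name.startswith("php53-"):
        return False
    return (rpmvercmp(version, FIXED[0]) or rpmvercmp(release, FIXED[1])) < 0


def vulnerable_packages(rpm_output):
    """Return NAME-VERSION-RELEASE.ARCH for each package that still needs the update."""
    hits = []
    for line in rpm_output.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        name, ver, rel, arch = parts
        if is_vulnerable(name, ver, rel):
            hits.append("%s-%s-%s.%s" % (name, ver, rel, arch))
    return hits


# Constructed sample of the query output; versions other than the fixed one are illustrative.
SAMPLE = """php53 5.3.3 1.el5_7.5 x86_64
php53-gd 5.3.3 1.el5_7.6 x86_64
php53-mysql 5.3.3 1.el5_7.3 i386
php53-ldap 5.3.3 13.el5_8 x86_64
httpd 2.2.3 53.el5 x86_64
"""

if __name__ == "__main__":
    for pkg in vulnerable_packages(SAMPLE):
        print("needs update:", pkg)
```

An empty result only means the packages are at or above the fixed version; as the advisory states, httpd must still be restarted for the update to take effect.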