SUSE CVE-2012-2329

Buffer overflow in the apacherequestheaders function in sapi/cgi/cgimain.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service application crash via a long string in the header of an HTTP request...

PHP apache_request_headers Function Buffer Overflow (CVE-2012-2329)

A buffer overflow was reported in the apacherequestheaders function in PHP. The vulnerability is due to the insecure handling of the HTTP headers. An attacker can exploit this issue by sending a specially crafted HTTP request to the target server. Successful exploitation may allow the attacker to...

PHP apache_request_headers Function Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'PHP apacherequestheaders Function...

PHP 5.4.x < 5.4.3 Buffer Overflow Vulnerability - Windows

PHP is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

FreeBSD : php -- multiple vulnerabilities (59b68b1e-9c78-11e1-b5e0-000c299b62e1)

The PHP Development Team reports : The release of PHP 5.4.13 and 5.4.3 complete a fix for the vulnerability in CGI-based setups as originally described in CVE-2012-1823. CVE-2012-2311 Note: modphp and php-fpm are not vulnerable to this attack. PHP 5.4.3 fixes a buffer overflow vulnerability in th...

CVE-2012-2329

Buffer overflow in the apacherequestheaders function in sapi/cgi/cgimain.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service application crash via a long string in the header of an HTTP request...

Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw

For the second time in less than a week, the developers of PHP have released new versions of the language that include a fix for the remotely exploitable vulnerability that was disclosed last week. The group is encouraging users to upgrade to PHP 5.4.3 or 5.3.13 immediately. The vulnerability...

PHP 5.4.x < 5.4.3 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is 5.4.x earlier than 5.4.3. It is, therefore, potentially affected the following vulnerabilities : - The fix for CVE-2012-1823 does not completely correct the CGI query parameter vulnerability. Disclosure of PHP source code...

php -- multiple vulnerabilities

The PHP Development Team reports: The release of PHP 5.4.13 and 5.4.3 complete a fix for the vulnerability in CGI-based setups as originally described in CVE-2012-1823. CVE-2012-2311 Note: modphp and php-fpm are not vulnerable to this attack. PHP 5.4.3 fixes a buffer overflow vulnerability in the...