logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2012-0830

Description

The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885. #### Bugs * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0830> #### Notes Author| Note ---|--- [tyhicks](<https://launchpad.net/~tyhicks>) | Introduced by the fix for CVE-2011-4885


Affected Package


OS OS Version Package Name Package Version
ubuntu 10.04 php5 5.3.2-1ubuntu4.13
ubuntu 10.10 php5 5.3.3-1ubuntu9.9
ubuntu 11.04 php5 5.3.5-1ubuntu7.6
ubuntu 11.10 php5 5.3.6-13ubuntu3.5
ubuntu upstream php5 5.3.10-1

Related