Lucene search
Ubuntu.comUB:CVE-2012-0831HistoryFeb 02, 2012 - 12:00 a.m.
CVE-2012-0831
2012-02-0200:00:00
ubuntu.com
ubuntu.com
6
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.7%
PHP before 5.3.10 does not properly perform a temporary change to the
magic_quotes_gpc directive during the importing of environment variables,
which makes it easier for remote attackers to conduct SQL injection attacks
via a crafted request, related to main/php_variables.c,
sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.
Bugs
- <https://bugs.launchpad.net/ubuntu/+source/php5/+bug/930115>
- <https://bugs.php.net/bug.php?id=61043>
Notes
| Author | Note |
|---|---|
| sbeattie | this introduced a regression, see bugs |
Related
openvas
openvas
PHP 'magic_quotes_gpc' Directive Security Bypass Vulnerability (Windows)
2012-02-10 00:00:00
Fedora Update for php FEDORA-2012-6911
2012-05-08 00:00:00
Fedora Update for php-eaccelerator FEDORA-2012-6907
2012-05-08 00:00:00
veracode
veracode
SQL Injection
2019-05-02 04:52:36
seebug
seebug
PHP 'magic_quotes_gpc'安全绕过漏洞(CVE-2012-0831)
2012-02-13 00:00:00
cve
cve
CVE-2012-0831
2012-02-10 20:55:00
prion
prion
Sql injection
2012-02-10 20:55:00
fedora
fedora
[SECURITY] Fedora 15 Update: php-eaccelerator-0.9.6.1-9.fc15.3
2012-05-07 02:48:55
[SECURITY] Fedora 15 Update: maniadrive-1.2-32.fc15.3
2012-05-07 02:48:55
[SECURITY] Fedora 16 Update: php-eaccelerator-0.9.6.1-9.fc16.3
2012-05-07 02:49:50
nessus
nessus
freebsd
freebsd
php -- multiple vulnerabilities
2012-03-01 00:00:00
centos
centos
php security update
2013-02-27 19:37:21
php53 security update
2013-10-07 12:42:03
redhat
redhat
(RHSA-2013:0514) Moderate: php security, bug fix and enhancement update
2013-02-21 00:00:00
(RHSA-2013:1307) Moderate: php53 security, bug fix and enhancement update
2013-09-30 16:52:28
oraclelinux
oraclelinux
php security, bug fix and enhancement update
2013-02-27 00:00:00
php53 security, bug fix and enhancement update
2013-10-02 00:00:00
suse
suse
Security update for PHP5 (important)
2012-04-06 03:08:16
Security update for PHP5 (important)
2012-03-24 03:08:28
update for php5 (important)
2012-03-29 15:08:14
securityvulns
securityvulns
[ MDVSA-2012:065 ] php
2012-05-01 00:00:00
PHP multiple security vulnerabilities
2012-05-24 00:00:00
[ MDVSA-2012:071 ] php
2012-05-14 00:00:00
ubuntu
ubuntu
PHP regression
2012-02-13 00:00:00
PHP vulnerabilities
2012-02-10 00:00:00
osv
osv
php5 - several
2012-02-13 00:00:00
debian
debian
[SECURITY] [DSA 2408-1] php5 security update
2012-02-13 18:15:24
gentoo
gentoo
PHP: Multiple vulnerabilities
2012-09-24 00:00:00
f5
f5
Multiple PHP vulnerabilities
2012-04-05 02:07:00
SOL13518 - Multiple PHP vulnerabilities
2012-04-04 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.7%
Related for UB:CVE-2012-0831