Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-6113
HistoryJan 18, 2013 - 12:00 a.m.

CVE-2012-6113

2013-01-1800:00:00
ubuntu.com
ubuntu.com
9

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 through
5.3.13 does not initialize a certain variable, which allows remote
attackers to obtain sensitive information from process memory by providing
zero bytes of input data.

Bugs

Notes

Author Note
mdeslaur introduced in 5.3.9, fixed in 5.3.14
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchphp5< 5.3.10-1ubuntu3.5UNKNOWN

Related

prion 1
ubuntu 1
openvas 3
cve 1
securityvulns 1
seebug 1
nessus 3
hackerone 1
prion
prion
Input validation
2013-01-19 21:55:00
ubuntu
ubuntu
PHP vulnerability
2013-01-22 00:00:00
openvas
openvas
PHP 'openssl_encrypt()' Function Information Disclosure Vulnerability - Windows
2013-01-24 00:00:00
Ubuntu: Security Advisory (USN-1702-1)
2013-01-24 00:00:00
Ubuntu Update for php5 USN-1702-1
2013-01-24 00:00:00
cve
cve
CVE-2012-6113
2013-01-19 21:55:00
securityvulns
securityvulns
PHP information leakage
2013-01-27 00:00:00
seebug
seebug
PHP 'openssl_encrypt()'函数信息泄露漏洞
2013-01-22 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : php5 vulnerability (USN-1702-1)
2013-01-23 00:00:00
PHP 5.3.x < 5.3.14 / 5.4.x < 5.4.4 Multiple Vulnerabilities
2016-02-25 00:00:00
PHP 5.3.x < 5.3.14 Multiple Vulnerabilities
2012-06-15 00:00:00
hackerone
hackerone
Yahoo!: Out of date version
2014-03-30 08:47:50

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON
Related for UB:CVE-2012-6113
prion1ubuntu1openvas3cve1securityvulns1seebug1nessus3hackerone1