// For flags

CVE-2012-0830

PHP 5.4.0RC6 (x64) - Denial of Service

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

4
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.

La función php_register_variable_ex en php_variables.c en PHP v5.3.9 permite a atacantes remotos ejecutar código de su elección a través de una solicitud que contenga un gran número de variable. Se trata de un problema relacionado con el manejo inadecuado de las variables de tipo matriz (array). NOTA: Esta vulnerabilidad existe debido a una corrección incorrecta para el CVE-2011-4885.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-01-19 CVE Reserved
  • 2012-02-04 First Exploit
  • 2012-02-06 CVE Published
  • 2024-08-06 CVE Updated
  • 2025-04-20 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-399: Resource Management Errors
CAPEC
References (26)
URL Tag Source
http://openwall.com/lists/oss-security/2012/02/02/12 Mailing List
http://openwall.com/lists/oss-security/2012/02/03/1 Mailing List
http://secunia.com/advisories/47801 Third Party Advisory
http://secunia.com/advisories/47813 Third Party Advisory
http://secunia.com/advisories/48668 Third Party Advisory
http://securitytracker.com/id?1026631 Vdb Entry
http://support.apple.com/kb/HT5281 X_refsource_confirm
http://svn.php.net/viewvc?view=revision&revision=323007 X_refsource_confirm
http://www.h-online.com/security/news/item/Critical-PHP-vulnerability-being-fixed-1427316.html X_refsource_misc
http://www.osvdb.org/78819 Vdb Entry
http://www.php.net/ChangeLog-5.php#5.3.10 X_refsource_confirm
https://exchange.xforce.ibmcloud.com/vulnerabilities/72911 Vdb Entry
URL Date SRC
https://www.exploit-db.com/exploits/18460 2012-02-04
http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos 2024-08-06
http://www.securityfocus.com/bid/51830 2024-08-06
https://gist.github.com/1725489 2024-08-06
URL Date SRC
URL Date SRC
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 2023-11-07
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html 2023-11-07
http://marc.info/?l=bugtraq&m=134012830914727&w=2 2023-11-07
http://rhn.redhat.com/errata/RHSA-2012-0092.html 2023-11-07
http://secunia.com/advisories/47806 2023-11-07
http://www.debian.org/security/2012/dsa-2403 2023-11-07
https://access.redhat.com/security/cve/CVE-2012-0830 2012-02-02
https://bugzilla.redhat.com/show_bug.cgi?id=786686 2012-02-02
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 5.3.9
Search vendor "Php" for product "Php" and version "5.3.9"
-
Affected