Showing 1 - 3 of 3

CVE-2012-3450

Status Candidate

Overview

pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value.

Related Files

Gentoo Linux Security Advisory 201209-03: Posted Sep 24, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201209-3 - Multiple vulnerabilities were found in PHP, the worst of which lead to remote execution of arbitrary code. Versions less than 5.3.15 are affected.; tags | advisory, remote, arbitrary, php, vulnerability; systems | linux, gentoo; advisories | CVE-2011-1398, CVE-2011-3379, CVE-2011-4566, CVE-2011-4885, CVE-2012-0057, CVE-2012-0788, CVE-2012-0789, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2335, CVE-2012-2336, CVE-2012-2386, CVE-2012-2688, CVE-2012-3365, CVE-2012-3450; SHA-256 | 9f816b924ad418620e160f8c0c949d6a934cbb7b2edf6d8854a05c114583d85c; Download | Favorite | View

Ubuntu Security Notice USN-1569-1: Posted Sep 17, 2012; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1569-1 - It was discovered that PHP incorrectly handled certain character sequences when applying HTTP response-splitting protection. A remote attacker could create a specially-crafted URL and inject arbitrary headers. It was discovered that PHP incorrectly handled directories with a large number of files. This could allow a remote attacker to execute arbitrary code with the privileges of the web server, or to perform a denial of service. Various other issues were also addressed.; tags | advisory, remote, web, denial of service, arbitrary, php; systems | linux, ubuntu; advisories | CVE-2012-2688, CVE-2012-3450, CVE-2011-1398, CVE-2012-2688, CVE-2012-3450, CVE-2012-4388; SHA-256 | ca286c3dc3421c19e6fd6053965096637970d19dc1b7ac9c4b2b75b876f38310; Download | Favorite | View

Debian Security Advisory 2527-1: Posted Aug 14, 2012; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2527-1 - Several vulnerabilities have been discovered in PHP, the web scripting language.; tags | advisory, web, php, vulnerability; systems | linux, debian; advisories | CVE-2012-2688, CVE-2012-3450; SHA-256 | 19d56ac85b34319b9d93e656f85139e1d5a6ad3686507f40c07541d97d990968; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 67 files
Debian 24 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2012-3450

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems