|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-03-01 | |
| Rule Name: | PHP 5.4 Code Execution Vulnerability (CVE-2012-2376) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ExploitDB:18861 http://isc.sans.edu/diary.html?storyid=13255 http://openwall.com/lists/oss-security/2012/05/20/2 SecurityTrackerID:1027089 |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: http://www.php.net/ |