CVE-2012-2335

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.

References

http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/

http://git.php.net/?p=php-src.git;a=blob;f=sapi/cgi/cgi_main.c;h=a7ac26f0#l1569

http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html

http://secunia.com/advisories/49014

http://www.kb.cert.org/vuls/id/520827

http://www.php.net/archive/2012.php#id2012-05-06-1

https://bugs.php.net/bug.php?id=61910

https://exchange.xforce.ibmcloud.com/vulnerabilities/75652

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862

Details

Source: MITRE

Published: 2012-05-11

Updated: 2018-01-05

Type: CWE-264

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (15 total)

IDNameProductFamilySeverity
74630openSUSE Security Update : php5 (openSUSE-2012-288)NessusSuSE Local Security Checks
high
70728Apache PHP-CGI Remote Code ExecutionNessusCGI abuses
high
69020HP System Management Homepage < 7.2.1.0 Multiple Vulnerabilities (BEAST)NessusWeb Servers
high
64104SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6440)NessusSuSE Local Security Checks
high
64100SuSE 11.1 Security Update : PHP5 (SAT Patch Number 6316)NessusSuSE Local Security Checks
high
62236GLSA-201209-03 : PHP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
59603Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : php5 vulnerabilities (USN-1481-1)NessusUbuntu Local Security Checks
high
59445SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8133)NessusSuSE Local Security Checks
high
801100PHP 5.3.x < 5.3.13 CGI Query String Code ExecutionLog Correlation EngineWeb Servers
high
801071PHP 5.3.x < 5.4.3 Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high
6495PHP 5.4.x < 5.4.3 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
6494PHP 5.3.x < 5.3.13 CGI Query String Code ExecutionNessus Network MonitorWeb Servers
high
59057PHP 5.4.x < 5.4.3 Multiple VulnerabilitiesNessusCGI abuses
high
59056PHP 5.3.x < 5.3.13 CGI Query String Code ExecutionNessusCGI abuses
high
59010Mandriva Linux Security Advisory : php (MDVSA-2012:068-1)NessusMandriva Local Security Checks
high