QwikSec

Security Database

CVE

CWE

Training

CVE-2012-2311

Published: May 11, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_HP

SUSE-SU-2012:0604

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_SECTRACK

openSUSE-SU-2012:0590

vendor-advisory

x_refsource_SUSE

https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff-fix-check.patch&revision=1336093719&display=1

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

SUSE-SU-2012:0598

vendor-advisory

x_refsource_SUSE

https://bugs.php.net/bug.php?id=61910

x_refsource_CONFIRM

http://www.php.net/archive/2012.php#id2012-05-08-1

x_refsource_CONFIRM

APPLE-SA-2012-09-19-2

vendor-advisory

x_refsource_APPLE

http://support.apple.com/kb/HT5501

x_refsource_CONFIRM

vendor-advisory

x_refsource_HP

http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/

x_refsource_MISC

third-party-advisory

x_refsource_CERT-VN

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_DEBIAN

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_HP

http://www.php.net/ChangeLog-5.php#5.4.3

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2012-2311 - Security Vulnerability | QwikSec