PHP php_register_variable_ex() Lets Remote Users Execute Arbitrary Code

SecurityTracker Alert ID: 1026631
SecurityTracker URL: http://securitytracker.com/id/1026631
CVE Reference: CVE-2012-0830
Date: Feb 3 2012
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 5.3.9

Description:
A vulnerability was reported in PHP. A remote user can send specially crafted data to trigger a memory error in php_register_variable_ex() and execute arbitrary code on the target system. The code will run with the privileges of the target service.
The vulnerability can be triggered when the number of input variables exceeds max_input_vars and the variable being processed is an array.
This vulnerability was introduced in version 5.3.9 in the fix for CVE-2011-4885.
Stefan Esser reported this vulnerability.
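
As an added example (not part of the advisory and not PHP's own code), the following check reviews captured query strings or form bodies for the condition described above: more parameters than max_input_vars, with array syntax among the parameters past the limit. The function names, the verdict labels and the sample requests are assumptions made for this example.

```python
from urllib.parse import unquote_plus

# PHP's documented default for max_input_vars; set this to the server's value.
MAX_INPUT_VARS = 1000


def param_names(encoded):
    """Decoded parameter names from one urlencoded query string or form body."""
    return [unquote_plus(pair.split("=", 1)[0])
            for pair in encoded.split("&") if pair]


def classify(encoded, limit=MAX_INPUT_VARS):
    """Return 'ok', 'over-limit' or 'over-limit-array' for one input string.

    Every parameter is counted, which is assumed here to over-approximate
    PHP's own count, so borderline requests are flagged rather than missed.
    """
    past_limit = param_names(encoded)[limit:]
    if not past_limit:
        return "ok"
    # Array syntax such as name[] or name[key] past the limit is the
    # condition the advisory names for the 5.3.9 memory error.
    if any("[" in name for name in past_limit):
        return "over-limit-array"
    return "over-limit"


def review(requests, limit=MAX_INPUT_VARS):
    """Map request id -> verdict for every request that is not 'ok'."""
    verdicts = {rid: classify(body, limit) for rid, body in requests}
    return {rid: v for rid, v in verdicts.items() if v != "ok"}


# Constructed sample bodies, checked against a deliberately small limit of 3
# so the demo stays readable; real traffic is checked with the server's limit.
SAMPLE = [
    ("req-1", "user=alice&page=2"),
    ("req-2", "a=1&b=2&c=3&d=4"),
    ("req-3", "a=1&b=2&c=3&opts%5Bx%5D=4"),
    ("req-4", "opts[x]=1&opts[y]=2"),
]

if __name__ == "__main__":
    for rid, verdict in review(SAMPLE, limit=3).items():
        print(rid, verdict)
```

An "over-limit-array" verdict against a server still running 5.3.9 is the case to investigate first; on 5.3.10 and later it only indicates a request that hit the input limit.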

Impact:
A remote user can execute arbitrary code on the target system.

Solution:
The vendor has issued a fix (5.3.10).
The vendor's advisory is available at:
http://www.php.net/archive/2012.php#id2012-02-02-1

Vendor URL: www.php.net/
Cause: Access control error
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)

Source Message Contents

Date: Fri, 03 Feb 2012 04:20:56 +0000
Subject: PHP

https://bugs.php.net/bug.php?id=60708
CVE-2012-0830
Security Fix in PHP 5.3.10:
* Fixed arbitrary remote code execution vulnerability reported by
Stefan Esser, CVE-2012-0830.