admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 18:52:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2012/CVE-2012-0830.md

20 lines
977 B
Markdown
Raw Normal View History

Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
### [CVE-2012-0830](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
### POC
#### Reference
- http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/
Update CVE sources 2024-08-08 18:49
2024-08-08 18:49:29 +00:00
- http://www.h-online.com/security/news/item/Critical-PHP-vulnerability-being-fixed-1427316.html
Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
- https://gist.github.com/1725489
#### Github
No PoCs found on GitHub currently.
Reference in New Issue Copy Permalink