Lucene search

K

Veracode Vulnerability DatabaseVERACODE:10712

HistoryJan 15, 2019 - 8:51 a.m.

Arbitrary Code Execution

2019-01-1508:51:10

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

14

0.973 High

EPSS

Percentile

99.9%

php-cgi is susceptible to arbitrary code execution. An attacker can inject arbitrary script because it does not properly handle the query strings without an = (equals sign) character, leading to malicious code execution with the privileges of the PHP interpreter.

CPENameOperatorVersion
phpeq5.2.6__2.el5s2
phpeq5.1.6__15.el5
phpeq5.2.10__1.el5s2
phpeq5.1.6__23.2.el5_3
phpeq5.1.6__27.el5_5.3
phpeq5.3.2__6.el6
phpeq5.1.6__11.el5
phpeq5.1.6__27.el5
phpeq5.2.6__4.el5s2
phpeq5.1.6__34.el5_8

Rows per page:

1-10 of 301

References

eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html

marc.info/?l=bugtraq&m=134012830914727&w=2

rhn.redhat.com/errata/RHSA-2012-0546.html

rhn.redhat.com/errata/RHSA-2012-0547.html

rhn.redhat.com/errata/RHSA-2012-0568.html

rhn.redhat.com/errata/RHSA-2012-0569.html

rhn.redhat.com/errata/RHSA-2012-0570.html

secunia.com/advisories/49014

secunia.com/advisories/49065

secunia.com/advisories/49085

secunia.com/advisories/49087

support.apple.com/kb/HT5501

www.debian.org/security/2012/dsa-2465

www.kb.cert.org/vuls/id/520827

www.kb.cert.org/vuls/id/673343

www.mandriva.com/security/advisories?name=MDVSA-2012:068

www.php.net/archive/2012.php#id2012-05-03-1

www.php.net/ChangeLog-5.php#5.4.2

www.securitytracker.com/id?1027022

access.redhat.com/security/updates/classification/#critical

bugs.php.net/bug.php?id=61910

bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1

rhn.redhat.com/errata/RHSA-2012-0546.html

0.973 High

EPSS

Percentile

99.9%