Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-0781

Опубликовано: 10 янв. 2012
Источник: redhat
CVSS2: 2.6
EPSS Низкий

Описание

The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4phpNot affected
Red Hat Enterprise Linux 5phpNot affected
Red Hat Enterprise Linux 5php53Not affected
Red Hat Enterprise Linux 6phpFixedRHSA-2012:104627.06.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=782951php: tidy_diagnose() NULL pointer dereference may cause DoS

EPSS

Процентиль: 88%
0.04205
Низкий

2.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-0781

ubuntu
больше 13 лет назад

The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153.

nvd логотип

CVE-2012-0781

nvd
больше 13 лет назад

The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153.

debian логотип

CVE-2012-0781

debian
больше 13 лет назад

The tidy_diagnose function in PHP 5.3.8 might allow remote attackers t ...

github логотип

GHSA-929c-4vcv-4rrx

github
около 3 лет назад

The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153.

oracle-oval логотип

ELSA-2012-1046

oracle-oval
почти 13 лет назад

ELSA-2012-1046: php security update (MODERATE)

EPSS

Процентиль: 88%
0.04205
Низкий

2.6 Low

CVSS2