Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-0788

Опубликовано: 11 янв. 2012
Источник: redhat
CVSS2: 3.5
EPSS Низкий

Описание

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.

Отчет

Red Hat does not consider this flaw to be a security issue. The bug can only be triggered by the PHP script author, which does not cross trust boundary.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Application Stack v2 for Enterprise LinuxphpNot affected
Red Hat Enterprise Linux 4phpNot affected
Red Hat Enterprise Linux 5phpNot affected
Red Hat Enterprise Linux 5php53Not affected
Red Hat Enterprise Linux 6phpNot affected

Показывать по

Ссылки на источники

Дополнительная информация

https://bugzilla.redhat.com/show_bug.cgi?id=783605php: crash when unserializing serialized PDORow object

EPSS

Процентиль: 92%
0.09127
Низкий

3.5 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-0788

ubuntu
больше 13 лет назад

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.

nvd логотип

CVE-2012-0788

nvd
больше 13 лет назад

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.

debian логотип

CVE-2012-0788

debian
больше 13 лет назад

The PDORow implementation in PHP before 5.3.9 does not properly intera ...

github логотип

GHSA-5m7h-j62q-j6mr

github
около 3 лет назад

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.

fstec логотип

BDU:2022-02603

CVSS3: 3.7
fstec
больше 13 лет назад

Уязвимость реализации PDORow интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 92%
0.09127
Низкий

3.5 Low

CVSS2