Описание
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 5.3.10-1ubuntu1 |
| hardy | released | 5.2.4-2ubuntu5.22 |
| lucid | released | 5.3.2-1ubuntu4.13 |
| maverick | released | 5.3.3-1ubuntu9.9 |
| natty | released | 5.3.5-1ubuntu7.6 |
| oneiric | released | 5.3.6-13ubuntu3.5 |
| upstream | released | 5.3.10-1 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 ...
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
EPSS
7.5 High
CVSS2