Описание
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 5.4.4-1ubuntu1 |
| hardy | released | 5.2.4-2ubuntu5.25 |
| lucid | released | 5.3.2-1ubuntu4.17 |
| natty | released | 5.3.5-1ubuntu7.10 |
| oneiric | released | 5.3.6-13ubuntu3.8 |
| precise | released | 5.3.10-1ubuntu3.2 |
| upstream | released | 5.4.3, 5.3.13 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.
EPSS
7.5 High
CVSS2