Vulnerabilities

CVE-2012-0831

by Fred · 10/02/2012

PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.

Date published : 2012-02-10

http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

http://www.securityfocus.com/bid/51954

Similar

Tags: Cybersecurity Alert