Vulnerabilities

CVE-2012-2335

by Fred · 11/05/2012

php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.

Date published : 2012-05-11

http://www.kb.cert.org/vuls/id/520827

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862

Similar

Tags: Cybersecurity Alert