CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
Date published : 2012-07-20
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html