The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
References
Configurations
History
07 Nov 2023, 02:10
Type | Values Removed | Values Added |
---|---|---|
Summary | The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885. |
Information
Published : 2012-02-06 20:55
Updated : 2024-02-28 11:41
NVD link : CVE-2012-0830
Mitre link : CVE-2012-0830
CVE.ORG link : CVE-2012-0830
JSON object : View
Products Affected
php
- php
CWE
CWE-399
Resource Management Errors