CVE-2012-2386
Published at:
-
07-07-2012 12:21
Last modified:
-
05-08-2022 06:54
Total changes:
-
2
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Network
Attack vector
Low
Availability
Low
Confidentiality
Low
Integrity
-
Privileges required
-
Scope
-
User interaction
7.5
Base score
10.0
6.4
Exploitability score
Impact score
Verification logic
Reference
- http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html
- http://git.php.net/?p=php-src.git;a=commit;h=158d8a6b088662ce9d31e0c777c6ebe90efdc854
- https://bugs.php.net/bug.php?id=61065
- http://www.php.net/ChangeLog-5.php
- https://bugzilla.redhat.com/show_bug.cgi?id=823594
- [oss-security] 20120522 Re: CVE request: PHP Phar - arbitrary code execution-Mailing List, Third Party Advisory
- SUSE-SU-2012:0840-Mailing List, Third Party Advisory
- APPLE-SA-2012-09-19-2-Mailing List, Third Party Advisory
- http://support.apple.com/kb/HT5501
Keywords