ID

VAR-201205-0305


CVE

CVE-2012-1823


TITLE

PHP-CGI of query string Vulnerability in processing

Trust: 0.8

sources: JVNDB: JVNDB-2012-002235

DESCRIPTION

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. PHP is prone to an information-disclosure vulnerability. Exploiting this issue allows remote attackers to view the source code of files in the context of the server process. This may allow the attacker to obtain sensitive information and to run arbitrary PHP code on the affected computer; other attacks are also possible. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201209-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: PHP: Multiple vulnerabilities Date: September 24, 2012 Bugs: #384301, #396311, #396533, #399247, #399567, #399573, #401997, #410957, #414553, #421489, #427354, #429630 ID: 201209-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities were found in PHP, the worst of which lead to remote execution of arbitrary code. Background ========== PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-lang/php < 5.3.15 >= 5.3.15 < 5.4.5 >= 5.4.5 ------------------------------------------------------------------- # Package 1 only applies to users of these architectures: arm Description =========== Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All PHP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-5.3.15" All PHP users on ARM should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-5.4.5" References ========== [ 1 ] CVE-2011-1398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1398 [ 2 ] CVE-2011-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3379 [ 3 ] CVE-2011-4566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4566 [ 4 ] CVE-2011-4885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4885 [ 5 ] CVE-2012-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0057 [ 6 ] CVE-2012-0788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0788 [ 7 ] CVE-2012-0789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0789 [ 8 ] CVE-2012-0830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0830 [ 9 ] CVE-2012-0831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0831 [ 10 ] CVE-2012-1172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1172 [ 11 ] CVE-2012-1823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1823 [ 12 ] CVE-2012-2143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2143 [ 13 ] CVE-2012-2311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2311 [ 14 ] CVE-2012-2335 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2335 [ 15 ] CVE-2012-2336 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2336 [ 16 ] CVE-2012-2386 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2386 [ 17 ] CVE-2012-2688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2688 [ 18 ] CVE-2012-3365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3365 [ 19 ] CVE-2012-3450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3450 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201209-03.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Ubuntu update for php SECUNIA ADVISORY ID: SA49097 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49097/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49097 RELEASE DATE: 2012-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/49097/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/49097/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=49097 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to disclose certain sensitive information or compromise a vulnerable system. For more information: SA49014 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1437-1: http://www.ubuntu.com/usn/usn-1437-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03360041 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03360041 Version: 1 HPSBMU02786 SSRT100877 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-06-26 Last Updated: 2012-06-26 Potential Security Impact: Remote unauthorized access, disclosure of information, data modification, Denial of Service (DoS), execution of arbitrary code Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. References: CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012 (AUTOCOMPLETE enabled), CVE-2012-2013 (DoS), CVE-2012-2014 (Improper input validation), CVE-2012-2015 (Privilege Elevation), CVE-2012-2016 (Information disclosure), SSRT100336, SSRT100753, SSRT100669, SSRT100676, SSRT100695, SSRT100714, SSRT100760, SSRT100786, SSRT100787, SSRT100815, SSRT100840, SSRT100843, SSRT100869 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) before v7.1.1 running on Linux and Windows. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-2012 (AV:N/AC:L/Au:N/C:C/I:C/A:P) 9.7 CVE-2012-2013 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2012-2014 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 6.8 CVE-2012-2015 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 6.5 CVE-2012-2016 (AV:L/AC:M/Au:S/C:C/I:N/A:N) 4.4 CVE-2011-1944 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2011-2821 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-2834 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2011-3379 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-3607 (AV:L/AC:M/Au:N/C:P/I:P/A:P) 4.4 CVE-2011-4078 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4108 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-4153 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4317 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-4415 (AV:L/AC:H/Au:N/C:N/I:N/A:P) 1.2 CVE-2011-4576 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-4577 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-4619 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4885 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0021 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2012-0027 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0031 (AV:L/AC:L/Au:N/C:P/I:P/A:P) 4.6 CVE-2012-0036 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0053 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2012-0057 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-0830 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-1165 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-1823 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided HP System Management Homepage v7.1.1 or subsequent to resolve the vulnerabilities. HP System Management Homepage v7.1.1 is available here: HP System Management Homepage for Windows x64 [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4064%257CswLang%253D8%257CswItem%253DMTX-ab 0d4e9bb4654a8da503eccfd9%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Windows x86 [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4022%257CswLang%253D8%257CswItem%253DMTX-f7 c0d15d28474255bd0ec23136%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Linux (AMD64/EM64T) [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4035%257CswLang%253D8%257CswItem%253DMTX-18 d373dd1361400fbaca892942%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Linux (x86) [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4006%257CswLang%253D8%257CswItem%253DMTX-9e 8a0188f97d48139dcb466509%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HISTORY Version:1 (rev.1) 26 June 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Additionally, this update fixes insufficient validation of upload name which lead to corrupted $_FILES indices. For the stable distribution (squeeze), this problem has been fixed in version 5.3.3-7+squeeze9. The testing distribution (wheezy) will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 5.4.3-1. We recommend that you upgrade your php5 packages. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: php53 security update Advisory ID: RHSA-2012:0569-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0569.html Issue date: 2012-05-10 CVE Names: CVE-2012-1823 ===================================================================== 1. Summary: Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux EUS (v. 5.6 server) - i386, ia64, ppc, s390x, x86_64 3. Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter. (CVE-2012-1823) Red Hat is aware that a public exploit for this issue is available that allows remote code execution in affected PHP CGI configurations. This flaw does not affect the default configuration using the PHP module for Apache httpd to handle PHP scripts. All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 818607 - CVE-2012-1823 php: command line arguments injection when run in CGI mode (VU#520827) 6. Package List: Red Hat Enterprise Linux EUS (v. 5.6 server): Source: php53-5.3.3-1.el5_6.2.src.rpm i386: php53-5.3.3-1.el5_6.2.i386.rpm php53-bcmath-5.3.3-1.el5_6.2.i386.rpm php53-cli-5.3.3-1.el5_6.2.i386.rpm php53-common-5.3.3-1.el5_6.2.i386.rpm php53-dba-5.3.3-1.el5_6.2.i386.rpm php53-debuginfo-5.3.3-1.el5_6.2.i386.rpm php53-devel-5.3.3-1.el5_6.2.i386.rpm php53-gd-5.3.3-1.el5_6.2.i386.rpm php53-imap-5.3.3-1.el5_6.2.i386.rpm php53-intl-5.3.3-1.el5_6.2.i386.rpm php53-ldap-5.3.3-1.el5_6.2.i386.rpm php53-mbstring-5.3.3-1.el5_6.2.i386.rpm php53-mysql-5.3.3-1.el5_6.2.i386.rpm php53-odbc-5.3.3-1.el5_6.2.i386.rpm php53-pdo-5.3.3-1.el5_6.2.i386.rpm php53-pgsql-5.3.3-1.el5_6.2.i386.rpm php53-process-5.3.3-1.el5_6.2.i386.rpm php53-pspell-5.3.3-1.el5_6.2.i386.rpm php53-snmp-5.3.3-1.el5_6.2.i386.rpm php53-soap-5.3.3-1.el5_6.2.i386.rpm php53-xml-5.3.3-1.el5_6.2.i386.rpm php53-xmlrpc-5.3.3-1.el5_6.2.i386.rpm ia64: php53-5.3.3-1.el5_6.2.ia64.rpm php53-bcmath-5.3.3-1.el5_6.2.ia64.rpm php53-cli-5.3.3-1.el5_6.2.ia64.rpm php53-common-5.3.3-1.el5_6.2.ia64.rpm php53-dba-5.3.3-1.el5_6.2.ia64.rpm php53-debuginfo-5.3.3-1.el5_6.2.ia64.rpm php53-devel-5.3.3-1.el5_6.2.ia64.rpm php53-gd-5.3.3-1.el5_6.2.ia64.rpm php53-imap-5.3.3-1.el5_6.2.ia64.rpm php53-intl-5.3.3-1.el5_6.2.ia64.rpm php53-ldap-5.3.3-1.el5_6.2.ia64.rpm php53-mbstring-5.3.3-1.el5_6.2.ia64.rpm php53-mysql-5.3.3-1.el5_6.2.ia64.rpm php53-odbc-5.3.3-1.el5_6.2.ia64.rpm php53-pdo-5.3.3-1.el5_6.2.ia64.rpm php53-pgsql-5.3.3-1.el5_6.2.ia64.rpm php53-process-5.3.3-1.el5_6.2.ia64.rpm php53-pspell-5.3.3-1.el5_6.2.ia64.rpm php53-snmp-5.3.3-1.el5_6.2.ia64.rpm php53-soap-5.3.3-1.el5_6.2.ia64.rpm php53-xml-5.3.3-1.el5_6.2.ia64.rpm php53-xmlrpc-5.3.3-1.el5_6.2.ia64.rpm ppc: php53-5.3.3-1.el5_6.2.ppc.rpm php53-bcmath-5.3.3-1.el5_6.2.ppc.rpm php53-cli-5.3.3-1.el5_6.2.ppc.rpm php53-common-5.3.3-1.el5_6.2.ppc.rpm php53-dba-5.3.3-1.el5_6.2.ppc.rpm php53-debuginfo-5.3.3-1.el5_6.2.ppc.rpm php53-devel-5.3.3-1.el5_6.2.ppc.rpm php53-gd-5.3.3-1.el5_6.2.ppc.rpm php53-imap-5.3.3-1.el5_6.2.ppc.rpm php53-intl-5.3.3-1.el5_6.2.ppc.rpm php53-ldap-5.3.3-1.el5_6.2.ppc.rpm php53-mbstring-5.3.3-1.el5_6.2.ppc.rpm php53-mysql-5.3.3-1.el5_6.2.ppc.rpm php53-odbc-5.3.3-1.el5_6.2.ppc.rpm php53-pdo-5.3.3-1.el5_6.2.ppc.rpm php53-pgsql-5.3.3-1.el5_6.2.ppc.rpm php53-process-5.3.3-1.el5_6.2.ppc.rpm php53-pspell-5.3.3-1.el5_6.2.ppc.rpm php53-snmp-5.3.3-1.el5_6.2.ppc.rpm php53-soap-5.3.3-1.el5_6.2.ppc.rpm php53-xml-5.3.3-1.el5_6.2.ppc.rpm php53-xmlrpc-5.3.3-1.el5_6.2.ppc.rpm s390x: php53-5.3.3-1.el5_6.2.s390x.rpm php53-bcmath-5.3.3-1.el5_6.2.s390x.rpm php53-cli-5.3.3-1.el5_6.2.s390x.rpm php53-common-5.3.3-1.el5_6.2.s390x.rpm php53-dba-5.3.3-1.el5_6.2.s390x.rpm php53-debuginfo-5.3.3-1.el5_6.2.s390x.rpm php53-devel-5.3.3-1.el5_6.2.s390x.rpm php53-gd-5.3.3-1.el5_6.2.s390x.rpm php53-imap-5.3.3-1.el5_6.2.s390x.rpm php53-intl-5.3.3-1.el5_6.2.s390x.rpm php53-ldap-5.3.3-1.el5_6.2.s390x.rpm php53-mbstring-5.3.3-1.el5_6.2.s390x.rpm php53-mysql-5.3.3-1.el5_6.2.s390x.rpm php53-odbc-5.3.3-1.el5_6.2.s390x.rpm php53-pdo-5.3.3-1.el5_6.2.s390x.rpm php53-pgsql-5.3.3-1.el5_6.2.s390x.rpm php53-process-5.3.3-1.el5_6.2.s390x.rpm php53-pspell-5.3.3-1.el5_6.2.s390x.rpm php53-snmp-5.3.3-1.el5_6.2.s390x.rpm php53-soap-5.3.3-1.el5_6.2.s390x.rpm php53-xml-5.3.3-1.el5_6.2.s390x.rpm php53-xmlrpc-5.3.3-1.el5_6.2.s390x.rpm x86_64: php53-5.3.3-1.el5_6.2.x86_64.rpm php53-bcmath-5.3.3-1.el5_6.2.x86_64.rpm php53-cli-5.3.3-1.el5_6.2.x86_64.rpm php53-common-5.3.3-1.el5_6.2.x86_64.rpm php53-dba-5.3.3-1.el5_6.2.x86_64.rpm php53-debuginfo-5.3.3-1.el5_6.2.x86_64.rpm php53-devel-5.3.3-1.el5_6.2.x86_64.rpm php53-gd-5.3.3-1.el5_6.2.x86_64.rpm php53-imap-5.3.3-1.el5_6.2.x86_64.rpm php53-intl-5.3.3-1.el5_6.2.x86_64.rpm php53-ldap-5.3.3-1.el5_6.2.x86_64.rpm php53-mbstring-5.3.3-1.el5_6.2.x86_64.rpm php53-mysql-5.3.3-1.el5_6.2.x86_64.rpm php53-odbc-5.3.3-1.el5_6.2.x86_64.rpm php53-pdo-5.3.3-1.el5_6.2.x86_64.rpm php53-pgsql-5.3.3-1.el5_6.2.x86_64.rpm php53-process-5.3.3-1.el5_6.2.x86_64.rpm php53-pspell-5.3.3-1.el5_6.2.x86_64.rpm php53-snmp-5.3.3-1.el5_6.2.x86_64.rpm php53-soap-5.3.3-1.el5_6.2.x86_64.rpm php53-xml-5.3.3-1.el5_6.2.x86_64.rpm php53-xmlrpc-5.3.3-1.el5_6.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-1823.html https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFPq+CTXlSAg2UNWIIRAuXYAKCdvgQ8EA8+ROA8YDlnAPCgsgKllACeJUar mjye+4nPj7WUvLKkubghTAg= =pz2k -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.61

sources: NVD: CVE-2012-1823 // JVNDB: JVNDB-2012-002235 // BID: 53388 // VULMON: CVE-2012-1823 // PACKETSTORM: 116800 // PACKETSTORM: 112631 // PACKETSTORM: 112515 // PACKETSTORM: 121573 // PACKETSTORM: 114272 // PACKETSTORM: 112580 // PACKETSTORM: 112606

AFFECTED PRODUCTS

vendor:phpmodel:phpscope:ltversion:5.4.2

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:40

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:6.1

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:application stackscope:eqversion:2.0

Trust: 1.0

vendor:redhatmodel:gluster storage server for on-premisescope:eqversion:2.0

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:5.0

Trust: 1.0

vendor:hpmodel:hp-uxscope:eqversion:b.11.31

Trust: 1.0

vendor:redhatmodel:storage for public cloudscope:eqversion:2.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:5.0

Trust: 1.0

vendor:opensusemodel:opensusescope:eqversion:12.1

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:susemodel:linux enterprise software development kitscope:eqversion:11

Trust: 1.0

vendor:opensusemodel:opensusescope:eqversion:11.4

Trust: 1.0

vendor:hpmodel:hp-uxscope:eqversion:b.11.23

Trust: 1.0

vendor:redhatmodel:storagescope:eqversion:2.0

Trust: 1.0

vendor:phpmodel:phpscope:gteversion:5.4.0

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:5.6

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:39

Trust: 1.0

vendor:susemodel:linux enterprise software development kitscope:eqversion:10

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:6.2

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.7.5

Trust: 1.0

vendor:susemodel:linux enterprise serverscope:eqversion:11

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:phpmodel:phpscope:ltversion:5.3.12

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.8.2

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.6.8

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:6.0

Trust: 1.0

vendor:susemodel:linux enterprise serverscope:eqversion:10

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:5.3

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:5.6

Trust: 1.0

vendor:the php groupmodel:phpscope:ltversion:version 5.3.12 earlier

Trust: 0.8

vendor:the php groupmodel:phpscope:ltversion:version 5.4.2 earlier

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.7 to v10.7.4

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.8 and v10.8.1

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.7 to v10.7.4

Trust: 0.8

vendor:cybozumodel:garoonscope:eqversion:3.1.0 to 3.1.3

Trust: 0.8

vendor:cybozumodel:garoonscope:eqversion:3.5.0 to 3.5.1

Trust: 0.8

vendor:parallelsmodel:plesk panelscope:eqversion:9.5.4

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.10

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.2

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.1

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.2

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.1

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.0

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.8

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp1scope:eqversion:11

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1

Trust: 0.3

vendor:susemodel:linux enterprise server sp3 ltssscope:eqversion:10

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux server eus 6.1.zscope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux long life serverscope:eqversion:5.3

Trust: 0.3

vendor:turbolinuxmodel:appliance serverscope:eqversion:3.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.3

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.10

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.6

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.10

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:8.04

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2011

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.5

Trust: 0.3

vendor:ubuntumodel:linux lts powerpcscope:eqversion:8.04

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.3

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.3

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp4scope:eqversion:10

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.4

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.04

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.1

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:6.0

Trust: 0.3

vendor:parallelsmodel:plesk panelscope:eqversion:9.3

Trust: 0.3

vendor:ubuntumodel:linux lts sparcscope:eqversion:8.04

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:junipermodel:ctpview 7.0r1scope:neversion: -

Trust: 0.3

vendor:ibmmodel:lotus foundations start 1.2.2bscope:neversion: -

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.9

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.1

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:8.04

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.04

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.2

Trust: 0.3

vendor:redhatmodel:enterprise linux eus 5.6.z serverscope: - version: -

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.2

Trust: 0.3

vendor:hpmodel:system management homepagescope:neversion:7.2.1

Trust: 0.3

vendor:susemodel:linux enterprise server sp1scope:eqversion:11

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:5.2

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.4.2

Trust: 0.3

vendor:susemodel:linux enterprise server sp4scope:eqversion:10

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:lotus foundations start 1.2.2ascope: - version: -

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.7.5

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.5

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.0

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2010.1

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.1

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.3

Trust: 0.3

vendor:susemodel:linux enterprise server sp2scope:eqversion:11

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.2

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:7.0

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp2scope:eqversion:11

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:redhatmodel:enterprise linux server optional eusscope:eqversion:6.1

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.6

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.5

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:6.0.1

Trust: 0.3

vendor:turbolinuxmodel:serverscope:eqversion:110

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.4

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2011

Trust: 0.3

vendor:ubuntumodel:linux lts lpiascope:eqversion:8.04

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:11.04

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.12

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.4

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.7

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:11.04

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.3

Trust: 0.3

vendor:susemodel:linux enterprise server for vmware sp1scope:eqversion:11

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.1.2

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.8.2

Trust: 0.3

vendor:susemodel:linux enterprise server for vmware sp2scope:eqversion:11

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2

Trust: 0.3

vendor:turbolinuxmodel:appliance serverscope:eqversion:3.0x64

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop workstation clientscope:eqversion:5

Trust: 0.3

vendor:parallelsmodel:plesk panelscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.1

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.4.1

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:turbolinuxmodel:clientscope:eqversion:2008

Trust: 0.3

vendor:parallelsmodel:plesk panelscope:eqversion:8.6

Trust: 0.3

vendor:parallelsmodel:plesk panelscope:eqversion:9.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.3

Trust: 0.3

vendor:ibmmodel:lotus foundations startscope:eqversion:1.2

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.1.1

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.1

Trust: 0.3

vendor:redhatmodel:enterprise linux server eusscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:turbolinuxmodel:serverscope:eqversion:11x64

Trust: 0.3

vendor:hpmodel:system management homepagescope:neversion:7.1.1

Trust: 0.3

vendor:redhatmodel:enterprise linux server optional eusscope:eqversion:6.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.1

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:5.3.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.2

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2010.1

Trust: 0.3

vendor:phpmodel:phpscope:neversion:5.3.13

Trust: 0.3

sources: BID: 53388 // JVNDB: JVNDB-2012-002235 // NVD: CVE-2012-1823

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-1823
value: CRITICAL

Trust: 1.0

NVD: CVE-2012-1823
value: HIGH

Trust: 0.8

VULMON: CVE-2012-1823
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-1823
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2012-1823
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULMON: CVE-2012-1823 // JVNDB: JVNDB-2012-002235 // NVD: CVE-2012-1823

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-20

Trust: 0.8

sources: JVNDB: JVNDB-2012-002235 // NVD: CVE-2012-1823

THREAT TYPE

network

Trust: 0.3

sources: BID: 53388

TYPE

arbitrary

Trust: 0.4

sources: PACKETSTORM: 116800 // PACKETSTORM: 121573 // PACKETSTORM: 114272 // PACKETSTORM: 112580

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-002235

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2012-1823

PATCH

title:HT5501url:http://support.apple.com/kb/HT5501

Trust: 0.8

title:HT5501url:http://support.apple.com/kb/HT5501?viewlocale=ja_JP

Trust: 0.8

title:PHP-CGI の query string の処理に脆弱性【CY12-06-001】url:http://cs.cybozu.co.jp/information/20120606up02.php

Trust: 0.8

title:HPSBMU02786 SSRT100877url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

Trust: 0.8

title:HPSBUX02791 SSRT100856url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03368475

Trust: 0.8

title:1621015url:http://www-01.ibm.com/support/docview.wss?uid=swg21621015

Trust: 0.8

title:1620314url:http://www-01.ibm.com/support/docview.wss?uid=swg21620314

Trust: 0.8

title:#61910url:https://bugs.php.net/bug.php?id=61910

Trust: 0.8

title:RHSA-2012:0546url:http://rhn.redhat.com/errata/RHSA-2012-0546.html

Trust: 0.8

title:RHSA-2012:0568url:http://rhn.redhat.com/errata/RHSA-2012-0568.html

Trust: 0.8

title:RHSA-2012:0547url:http://rhn.redhat.com/errata/RHSA-2012-0547.html

Trust: 0.8

title:PHP 5.3.12 and PHP 5.4.2 Released!url:http://www.php.net/archive/2012.php#id2012-05-03-1

Trust: 0.8

title:PHP: CGI バイナリとしてインストール - Manualurl:http://www.php.net/manual/ja/security.cgi-bin.php

Trust: 0.8

title:PHP 5 ChangeLog - Version 5.4.2url:http://www.php.net/ChangeLog-5.php#5.4.2

Trust: 0.8

title:PHP 5.4.3 and PHP 5.3.13 Released!url:http://www.php.net/archive/2012.php#id2012-05-08-1

Trust: 0.8

title:Patch cgi.diff for CGI/CLI related Bug #61910url:https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1

Trust: 0.8

title:PHP 5.3.12 and 5.4.2 releases about CGI flaw (CVE-2012-1823)url:http://www.php.net/archive/2012.php#id2012-05-06-1

Trust: 0.8

title:001-005900url:https://support.cybozu.com/ja-jp/article/5900

Trust: 0.8

title:Red Hat: Critical: php53 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120569 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: php security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120568 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: php security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120546 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: php53 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120547 - Security Advisory

Trust: 0.1

title:Debian CVElist Bug Report Logs: php5: PHP-CGI query string parameter vulnerability (CVE-2012-1823 / CVE-2012-2311, CERT VU#520827)url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=369fec60ba7ae134a5d768faf3cb2f6b

Trust: 0.1

title:Ubuntu Security Notice: php5 vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1437-1

Trust: 0.1

title:Amazon Linux AMI: ALAS-2012-077url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2012-077

Trust: 0.1

title:Debian Security Advisories: DSA-2465-1 php5 -- several vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=db88513c75df4c41339c6c90dcb69831

Trust: 0.1

title:Red Hat: Moderate: php security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121045 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: php53 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121047 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: php security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121046 - Security Advisory

Trust: 0.1

title:HacktivityCon_CTF_2020url:https://github.com/W3rni0/HacktivityCon_CTF_2020

Trust: 0.1

title:exploitsurl:https://github.com/infodox/exploits

Trust: 0.1

title:webappurlsurl:https://github.com/pwnwiki/webappurls

Trust: 0.1

title:CVE-2012-1823url:https://github.com/drone789/CVE-2012-1823

Trust: 0.1

title:Covid-v2-Botneturl:https://github.com/SniperX-D/Covid-v2-Botnet

Trust: 0.1

title:covidurl:https://github.com/MrScytheLULZ/covid

Trust: 0.1

title:python-pySecurityurl:https://github.com/CyberSavvy/python-pySecurity

Trust: 0.1

title:pySecurityurl:https://github.com/smartFlash/pySecurity

Trust: 0.1

title:AutoSploiturl:https://github.com/RootUp/AutoSploit

Trust: 0.1

title:Pythonurl:https://github.com/BCyberSavvy/Python

Trust: 0.1

title:awesome-infosecurl:https://github.com/onlurking/awesome-infosec

Trust: 0.1

title:awesome-infosecurl:https://github.com/eric-erki/awesome-infosec

Trust: 0.1

title:Intrusion_Detection_System-Pythonurl:https://github.com/marcocastro100/Intrusion_Detection_System-Python

Trust: 0.1

title:deepdigurl:https://github.com/cyberdeception/deepdig

Trust: 0.1

title:Boot2root-CTFs-Writeupsurl:https://github.com/Jean-Francois-C/Boot2root-CTFs

Trust: 0.1

title:Boot2root-CTFs-Writeupsurl:https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups

Trust: 0.1

title:CDLurl:https://github.com/NCSU-DANCE-Research-Group/CDL

Trust: 0.1

title:Classified-Distributed-Learning-for-Detecting-Security-Attacks-in-Containerized-Applicationsurl:https://github.com/yuhang-lin/Classified-Distributed-Learning-for-Detecting-Security-Attacks-in-Containerized-Applications

Trust: 0.1

title:Threatposturl:https://threatpost.com/new-exploits-arrive-for-old-php-vulnerability/104881/

Trust: 0.1

title:Securelisturl:https://securelist.com/it-threat-evolution-q2-2013/37163/

Trust: 0.1

title:Threatposturl:https://threatpost.com/php-group-set-release-another-patch-cve-2012-1823-flaw-050812/76537/

Trust: 0.1

title:Threatposturl:https://threatpost.com/php-group-releases-new-versions-patch-doesnt-fix-cve-2012-1823-bug-050412/76524/

Trust: 0.1

sources: VULMON: CVE-2012-1823 // JVNDB: JVNDB-2012-002235

EXTERNAL IDS

db:NVDid:CVE-2012-1823

Trust: 2.8

db:CERT/CCid:VU#520827

Trust: 2.2

db:CERT/CCid:VU#673343

Trust: 1.4

db:SECUNIAid:49014

Trust: 1.1

db:SECUNIAid:49065

Trust: 1.1

db:SECUNIAid:49085

Trust: 1.1

db:SECUNIAid:49087

Trust: 1.1

db:SECTRACKid:1027022

Trust: 1.1

db:OPENWALLid:OSS-SECURITY/2024/06/07/1

Trust: 1.0

db:JVNDBid:JVNDB-2012-002235

Trust: 0.8

db:JUNIPERid:JSA10658

Trust: 0.3

db:BIDid:53388

Trust: 0.3

db:EXPLOIT-DBid:18836

Trust: 0.1

db:VULMONid:CVE-2012-1823

Trust: 0.1

db:PACKETSTORMid:116800

Trust: 0.1

db:PACKETSTORMid:112631

Trust: 0.1

db:SECUNIAid:49097

Trust: 0.1

db:PACKETSTORMid:112515

Trust: 0.1

db:PACKETSTORMid:121573

Trust: 0.1

db:PACKETSTORMid:114272

Trust: 0.1

db:PACKETSTORMid:112580

Trust: 0.1

db:PACKETSTORMid:112606

Trust: 0.1

sources: VULMON: CVE-2012-1823 // BID: 53388 // JVNDB: JVNDB-2012-002235 // PACKETSTORM: 116800 // PACKETSTORM: 112631 // PACKETSTORM: 112515 // PACKETSTORM: 121573 // PACKETSTORM: 114272 // PACKETSTORM: 112580 // PACKETSTORM: 112606 // NVD: CVE-2012-1823

REFERENCES

url:http://www.kb.cert.org/vuls/id/520827

Trust: 2.2

url:http://www.kb.cert.org/vuls/id/673343

Trust: 1.5

url:http://www.php.net/archive/2012.php#id2012-05-03-1

Trust: 1.4

url:http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/

Trust: 1.4

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03360041

Trust: 1.4

url:http://rhn.redhat.com/errata/rhsa-2012-0570.html

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2012-0569.html

Trust: 1.2

url:https://bugs.php.net/bug.php?id=61910

Trust: 1.1

url:http://www.php.net/changelog-5.php#5.4.2

Trust: 1.1

url:https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2012-0568.html

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2012-0547.html

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2012-0546.html

Trust: 1.1

url:http://secunia.com/advisories/49014

Trust: 1.1

url:http://secunia.com/advisories/49087

Trust: 1.1

url:http://secunia.com/advisories/49065

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=134012830914727&w=2

Trust: 1.1

url:http://lists.apple.com/archives/security-announce/2012/sep/msg00004.html

Trust: 1.1

url:http://support.apple.com/kb/ht5501

Trust: 1.1

url:http://www.securitytracker.com/id?1027022

Trust: 1.1

url:http://secunia.com/advisories/49085

Trust: 1.1

url:http://www.mandriva.com/security/advisories?name=mdvsa-2012:068

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html

Trust: 1.1

url:http://www.debian.org/security/2012/dsa-2465

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html

Trust: 1.1

url:http://www.openwall.com/lists/oss-security/2024/06/07/1

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/pkgtquoa2ntz3rxn22csaujpiruyrb4b/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/w45dboh56nqdrtom2dn2lna2fzimc3pk/

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1823

Trust: 0.8

url:http://jvn.jp/cert/jvnvu520827

Trust: 0.8

url:http://jvn.jp/cert/jvnvu381963/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1823

Trust: 0.8

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03839862

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2012-1823

Trust: 0.6

url:http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.hmj%2asm..t.a4jy.6o9k.bw89mq%5f%5fdmtsfto0

Trust: 0.3

url:http://www-01.ibm.com/software/lotus/products/foundations/start/

Trust: 0.3

url:http://kb.parallels.com/en/113818

Trust: 0.3

url:kb.parallels.com/en/116241

Trust: 0.3

url:https://community.rapid7.com/thread/5174

Trust: 0.3

url:http://www.php.net/

Trust: 0.3

url:http://seclists.org/fulldisclosure/2013/jun/21

Trust: 0.3

url:http://ompldr.org/vzgxxaq

Trust: 0.3

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10658&cat=sirt_1&actp=list

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100162699

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100165255

Trust: 0.3

url:http://www.h-online.com/security/news/item/critical-open-hole-in-php-creates-risks-update-1567532.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21620314

Trust: 0.3

url:http://www.turbolinux.co.jp/security-e/2012/tlsa-2012-14.txt

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2012-0057

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-4885

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2012-0830

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-3379

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2012-1172

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2311

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1823.html

Trust: 0.2

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://access.redhat.com/security/team/key/#package

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.2

url:http://bugzilla.redhat.com/):

Trust: 0.2

url:https://access.redhat.com/knowledge/articles/11258

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0036

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2016

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4078

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0031

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-1165

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2834

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4317

Trust: 0.2

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.2

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1944

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2014

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4108

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4153

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2013

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4415

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4577

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3607

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4619

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0021

Trust: 0.2

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0027

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0053

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2012

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2015

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4576

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2821

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2012:0569

Trust: 0.1

url:https://github.com/infodox/exploits

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.exploit-db.com/exploits/18836/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2688

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-201209-03.xml

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4566

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2688

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1398

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0789

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1398

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0788

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0831

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2336

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0831

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2335

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2143

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0057

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3450

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2335

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3450

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0830

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3379

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4566

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2386

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1172

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4885

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1823

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2336

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0788

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2311

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0789

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3365

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2143

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3365

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2386

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-1437-1/

Trust: 0.1

url:http://secunia.com/advisories/49097/#comments

Trust: 0.1

url:http://secunia.com/psi_30_beta_launch

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=49097

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/49097/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

url:http://www.hp.com/swpublishing/mtx-ac3d1f80b8dd48b792bfc01a08

Trust: 0.1

url:http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/psi/swddetail

Trust: 0.1

url:http://secunia.com/

Trust: 0.1

url:http://www.debian.org/security/faq

Trust: 0.1

url:http://www.debian.org/security/

Trust: 0.1

url:http://lists.grok.org.uk/full-disclosure-charter.html

Trust: 0.1

sources: VULMON: CVE-2012-1823 // BID: 53388 // JVNDB: JVNDB-2012-002235 // PACKETSTORM: 116800 // PACKETSTORM: 112631 // PACKETSTORM: 112515 // PACKETSTORM: 121573 // PACKETSTORM: 114272 // PACKETSTORM: 112580 // PACKETSTORM: 112606 // NVD: CVE-2012-1823

CREDITS

De Eindbazen

Trust: 0.3

sources: BID: 53388

SOURCES

db:VULMONid:CVE-2012-1823
db:BIDid:53388
db:JVNDBid:JVNDB-2012-002235
db:PACKETSTORMid:116800
db:PACKETSTORMid:112631
db:PACKETSTORMid:112515
db:PACKETSTORMid:121573
db:PACKETSTORMid:114272
db:PACKETSTORMid:112580
db:PACKETSTORMid:112606
db:NVDid:CVE-2012-1823

LAST UPDATE DATE

2024-11-21T19:43:56.128000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2012-1823date:2018-01-18T00:00:00
db:BIDid:53388date:2015-04-13T22:15:00
db:JVNDBid:JVNDB-2012-002235date:2013-05-24T00:00:00
db:NVDid:CVE-2012-1823date:2024-07-16T17:48:42.937

SOURCES RELEASE DATE

db:VULMONid:CVE-2012-1823date:2012-05-11T00:00:00
db:BIDid:53388date:2012-05-04T00:00:00
db:JVNDBid:JVNDB-2012-002235date:2012-05-08T00:00:00
db:PACKETSTORMid:116800date:2012-09-24T15:02:14
db:PACKETSTORMid:112631date:2012-05-11T21:47:37
db:PACKETSTORMid:112515date:2012-05-08T04:16:46
db:PACKETSTORMid:121573date:2013-05-09T14:44:00
db:PACKETSTORMid:114272date:2012-06-28T03:39:12
db:PACKETSTORMid:112580date:2012-05-10T03:59:25
db:PACKETSTORMid:112606date:2012-05-10T21:02:26
db:NVDid:CVE-2012-1823date:2012-05-11T10:15:48.043