Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0781

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-0781
Last Modified 27 Jun 2012 11:41:41
Published 18 Jan 2012 03:55:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0781

Summary

The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153.

Vulnerable Systems

Application

  • Php 5.3.8


References

EXPLOIT-DB - 18370

MISC - http://cxsecurity.com/research/103

BUGTRAQ - 20120114 PHP 5.3.8 Multiple vulnerabilities

SECUNIA - 48668

SUSE - openSUSE-SU-2012:0426

Related Patches

Novell SUSE 2012:5964 apache2-mod_php5 security update for SLES 11 SP1 x86_64

Novell SUSE 2012:5964 apache2-mod_php5 security update for SLES 11 SP1 i586

Novell SUSE 2012:8009 apache2-mod_php5 security update for SLES 10 SP4 i586

Novell SUSE 2012:8009 apache2-mod_php5 security update for SLES 10 SP4 x86_64


Last Updated: 27 May 2016 10:57:22