9.8 CVE-2012-1823
CISA Kev Catalog Used by Malware Patch Exploit
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
https://nvd.nist.gov/vuln/detail/CVE-2012-1823
Categories
CWE-NVD-noinfo
References
cret@cert.org Patch Exploit
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | ||
| cpe:2.3:a:php:php:*:*:*:*:*:*:*:* | < 5.3.12 | |
| cpe:2.3:a:php:php:*:*:*:*:*:*:*:* | >= 5.4.0 | < 5.4.2 |
| Configuration 2 | ||
| cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* | ||
| cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* | ||
| Configuration 3 | ||
| cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:* | ||
| Configuration 4 | ||
| cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:* | ||
| Configuration 5 | ||
| cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:* | ||
| cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:* | ||
| cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:* | ||
| cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:* | ||
| cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:* | ||
| Configuration 6 | ||
| cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* | >= 10.6.8 | < 10.7.5 |
| cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* | >= 10.8.0 | < 10.8.2 |
| Configuration 7 | ||
| cpe:2.3:a:redhat:application_stack:2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:storage_for_public_cloud:2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_eus:6.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* | ||
REMEDIATION
Patch
| Url |
|---|
| http://www.php.net/ChangeLog-5.php#5.4.2 |
| https://bugs.php.net/bug.php?id=61910 |
| https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1... |
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | |||
POC Github
| Url |
|---|
| https://github.com/0xl0k1/CVE-2012-1823 |
Other Nist (github, ...)
| Url |
|---|
| http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/ |
| http://www.kb.cert.org/vuls/id/520827 |
| http://www.php.net/ChangeLog-5.php#5.4.2 |
| https://bugs.php.net/bug.php?id=61910 |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
