PHP '_php_stream_scandir()' Buffer Overflow Vulnerability (Windows) Network Vulnerability

Summary

This host is running PHP and is prone to buffer overflow vulnerability.

Impact

Successful exploitation could allow attackers to execute arbitrary code and failed attempts will likely result in denial-of-service conditions. Impact Level: System/Application

Solution

upgrade to PHP 5.4.5 or 5.3.15 or later For updates refer to http://www.php.net/downloads.php

Insight

Flaw related to overflow in the _php_stream_scandir function in the stream implementation.

Affected

PHP version before 5.3.15 and 5.4.x before 5.4.5

References

http://en.securitylab.ru/nvd/427456.php
http://secunia.com/advisories/cve_reference/CVE-2012-2688
http://www.php.net/ChangeLog-5.php

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2688
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

BigAntSoft BigAnt IM Message Server Multiple Vulnerabilities
ACDSee FotoSlate PLP Multiple Buffer Overflow Vulnerabilities
Active Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability (Windows)
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Mac OS X)
Adobe Air Buffer Overflow Vulnerability (Mac OS X)

Take action and discover your vulnerabilities