Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-2376)

Description

Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.

Remediation

References

Related Vulnerabilities

WordPress Plugin Mini Mail Dashboard Widget 'abspath' Parameter Remote File Include (1.36)

Magento Cryptographic Issues Vulnerability (CVE-2019-7860)

IBM WebSEAL Missing Authorization Vulnerability (CVE-2019-4158)

EspoCRM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2025-32390)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (7.1.18)

Severity

Critical

Classification

CVE-2012-2376 CWE-119

Tags

Missing Update Known Vulnerabilities