{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2012-1823", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "dateUpdated": "2024-08-06T19:08:38.505Z", "dateReserved": "2012-03-21T00:00:00", "datePublished": "2012-05-11T10:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2024-06-13T04:06:14.603074"}, "descriptions": [{"lang": "en", "value": "sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"name": "SSRT100856", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"}, {"name": "SUSE-SU-2012:0604", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"}, {"name": "1027022", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id?1027022"}, {"name": "HPSBMU02786", "tags": ["vendor-advisory"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"}, {"name": "MDVSA-2012:068", "tags": ["vendor-advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:068"}, {"name": "openSUSE-SU-2012:0590", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"}, {"name": "RHSA-2012:0546", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0546.html"}, {"name": "RHSA-2012:0568", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0568.html"}, {"name": "RHSA-2012:0569", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0569.html"}, {"url": "http://www.php.net/ChangeLog-5.php#5.4.2"}, {"name": "49014", "tags": ["third-party-advisory"], "url": "http://secunia.com/advisories/49014"}, {"name": "RHSA-2012:0570", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0570.html"}, {"name": "SUSE-SU-2012:0598", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"}, {"url": "https://bugs.php.net/bug.php?id=61910"}, {"name": "VU#673343", "tags": ["third-party-advisory"], "url": "http://www.kb.cert.org/vuls/id/673343"}, {"name": "RHSA-2012:0547", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0547.html"}, {"name": "APPLE-SA-2012-09-19-2", "tags": ["vendor-advisory"], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"}, {"url": "http://support.apple.com/kb/HT5501"}, {"url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"}, {"name": "49065", "tags": ["third-party-advisory"], "url": "http://secunia.com/advisories/49065"}, {"name": "VU#520827", "tags": ["third-party-advisory"], "url": "http://www.kb.cert.org/vuls/id/520827"}, {"url": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1"}, {"name": "SSRT100877", "tags": ["vendor-advisory"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"}, {"name": "HPSBUX02791", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"}, {"name": "DSA-2465", "tags": ["vendor-advisory"], "url": "http://www.debian.org/security/2012/dsa-2465"}, {"name": "49085", "tags": ["third-party-advisory"], "url": "http://secunia.com/advisories/49085"}, {"url": "http://www.php.net/archive/2012.php#id2012-05-03-1"}, {"name": "49087", "tags": ["third-party-advisory"], "url": "http://secunia.com/advisories/49087"}, {"name": "[oss-security] 20240606 PHP security releases 8.3.8, 8.2.20, and 8.1.29", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"}, {"name": "FEDORA-2024-49aba7b305", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"}, {"name": "FEDORA-2024-52c23ef1ec", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}], "datePublic": "2012-05-03T00:00:00"}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:08:38.505Z"}, "title": "CVE Program Container", "references": [{"name": "SSRT100856", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"}, {"name": "SUSE-SU-2012:0604", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"}, {"name": "1027022", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id?1027022"}, {"name": "HPSBMU02786", "tags": ["vendor-advisory", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"}, {"name": "MDVSA-2012:068", "tags": ["vendor-advisory", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:068"}, {"name": "openSUSE-SU-2012:0590", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"}, {"name": "RHSA-2012:0546", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0546.html"}, {"name": "RHSA-2012:0568", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0568.html"}, {"name": "RHSA-2012:0569", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0569.html"}, {"url": "http://www.php.net/ChangeLog-5.php#5.4.2", "tags": ["x_transferred"]}, {"name": "49014", "tags": ["third-party-advisory", "x_transferred"], "url": "http://secunia.com/advisories/49014"}, {"name": "RHSA-2012:0570", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0570.html"}, {"name": "SUSE-SU-2012:0598", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"}, {"url": "https://bugs.php.net/bug.php?id=61910", "tags": ["x_transferred"]}, {"name": "VU#673343", "tags": ["third-party-advisory", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/673343"}, {"name": "RHSA-2012:0547", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0547.html"}, {"name": "APPLE-SA-2012-09-19-2", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"}, {"url": "http://support.apple.com/kb/HT5501", "tags": ["x_transferred"]}, {"url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/", "tags": ["x_transferred"]}, {"name": "49065", "tags": ["third-party-advisory", "x_transferred"], "url": "http://secunia.com/advisories/49065"}, {"name": "VU#520827", "tags": ["third-party-advisory", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/520827"}, {"url": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1", "tags": ["x_transferred"]}, {"name": "SSRT100877", "tags": ["vendor-advisory", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"}, {"name": "HPSBUX02791", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"}, {"name": "DSA-2465", "tags": ["vendor-advisory", "x_transferred"], "url": "http://www.debian.org/security/2012/dsa-2465"}, {"name": "49085", "tags": ["third-party-advisory", "x_transferred"], "url": "http://secunia.com/advisories/49085"}, {"url": "http://www.php.net/archive/2012.php#id2012-05-03-1", "tags": ["x_transferred"]}, {"name": "49087", "tags": ["third-party-advisory", "x_transferred"], "url": "http://secunia.com/advisories/49087"}, {"name": "[oss-security] 20240606 PHP security releases 8.3.8, 8.2.20, and 8.1.29", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"}, {"name": "FEDORA-2024-49aba7b305", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"}, {"name": "FEDORA-2024-52c23ef1ec", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"}]}]}, "dataVersion": "5.1"}

{}

{"cisaActionDue": "2022-04-15", "cisaExploitAdd": "2022-03-25", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "PHP-CGI Query String Parameter Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7565237-10C7-44C5-BFA0-24C84E7B10C3", "versionEndExcluding": "5.3.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E2DD924-DBE9-438D-B5D9-60840046CA08", "versionEndExcluding": "5.4.2", "versionStartIncluding": "5.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*", "matchCriteriaId": "12C73959-3E02-4847-8962-651D652800EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*", "matchCriteriaId": "B64BBA96-FB3C-46AC-9A29-50EE02714FE9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "matchCriteriaId": "EBB2C482-D2A4-48B3-ACE7-E1DFDCC409B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*", "matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*", "matchCriteriaId": "88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "matchCriteriaId": "DB4D6749-81A1-41D7-BF4F-1C45A7F49A22", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "matchCriteriaId": "436EF2ED-FDBB-4B64-8EC4-33C3E4253F06", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*", "matchCriteriaId": "5AA37837-3083-4DC7-94F4-54FD5D7CB53C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF149F33-4D3B-4252-8D96-AB912B2DEB43", "versionEndExcluding": "10.7.5", "versionStartIncluding": "10.6.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "283B3DF2-DAFA-4333-B3CF-181ACD635137", "versionEndExcluding": "10.8.2", "versionStartIncluding": "10.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:application_stack:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "847A353B-833B-4A2A-8B87-2C6BA88A8CC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "59D47E43-886E-4114-96A2-DBE719EA3A89", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "52B90A04-DD6D-4AE7-A0E5-6B381127D507", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:storage_for_public_cloud:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F0257753-51C3-45F2-BAA4-4C1F2DEAB7A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "903512FC-0017-4564-9B89-7E64FFB14B11", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BEEC943-452C-4A19-B492-5EC8ADE427CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "C0554C89-3716-49F3-BFAE-E008D5E4E29C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "1F87B994-28E4-4095-8770-6433DE9C93AB", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB6ADFB8-210D-4E46-82A2-1C8705928382", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case."}, {"lang": "es", "value": "sapi/cgi/cgi_main.c en PHP antes de v5.3.12 y v5.4.x antes de v5.4.2, cuando se configura como un script CGI (tambi\u00e9n conocido como php-cgi), no maneja correctamente las cadenas de consulta que carecen de un car\u00e1cter = (signo igual), lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante la colocaci\u00f3n de l\u00ednea de comandos en la cadena de consulta, relacionado con el fallo de saltarse cierto php_getopt para el caso de la 'd'."}], "id": "CVE-2012-1823", "lastModified": "2024-11-21T01:37:50.887", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2012-05-11T10:15:48.043", "references": [{"source": "cret@cert.org", "tags": ["Broken Link", "Exploit"], "url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"}, {"source": "cret@cert.org", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"}, {"source": "cret@cert.org", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"}, {"source": "cret@cert.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"}, {"source": "cret@cert.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"}, {"source": "cret@cert.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"}, {"source": "cret@cert.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"}, {"source": "cret@cert.org", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"}, {"source": "cret@cert.org", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0546.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0547.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0568.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0569.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0570.html"}, {"source": "cret@cert.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/49014"}, {"source": "cret@cert.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/49065"}, {"source": "cret@cert.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/49085"}, {"source": "cret@cert.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/49087"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://support.apple.com/kb/HT5501"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2012/dsa-2465"}, {"source": "cret@cert.org", "tags": ["Exploit", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/520827"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/673343"}, {"source": "cret@cert.org", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:068"}, {"source": "cret@cert.org", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"}, {"source": "cret@cert.org", "tags": ["Exploit", "Patch", "Release Notes"], "url": "http://www.php.net/ChangeLog-5.php#5.4.2"}, {"source": "cret@cert.org", "tags": ["Release Notes"], "url": "http://www.php.net/archive/2012.php#id2012-05-03-1"}, {"source": "cret@cert.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1027022"}, {"source": "cret@cert.org", "tags": ["Exploit", "Patch"], "url": "https://bugs.php.net/bug.php?id=61910"}, {"source": "cret@cert.org", "tags": ["Patch"], "url": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1"}, {"source": "cret@cert.org", "tags": ["Mailing List", "Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"}, {"source": "cret@cert.org", "tags": ["Mailing List", "Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Exploit"], "url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0546.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0547.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0568.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0569.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0570.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/49014"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/49065"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/49085"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/49087"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://support.apple.com/kb/HT5501"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2012/dsa-2465"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/520827"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/673343"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:068"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Release Notes"], "url": "http://www.php.net/ChangeLog-5.php#5.4.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "http://www.php.net/archive/2012.php#id2012-05-03-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1027022"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://bugs.php.net/bug.php?id=61910"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:0546", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "php-0:5.1.6-34.el5_8", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-05-07T00:00:00Z"}, {"advisory": "RHSA-2012:0547", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "php53-0:5.3.3-7.el5_8", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-05-07T00:00:00Z"}, {"advisory": "RHSA-2012:0568", "cpe": "cpe:/o:redhat:rhel_mission_critical:5.3", "package": "php-0:5.1.6-23.3.el5_3", "product_name": "Red Hat Enterprise Linux 5.3 Long Life", "release_date": "2012-05-10T00:00:00Z"}, {"advisory": "RHSA-2012:0568", "cpe": "cpe:/o:redhat:rhel_eus:5.6", "package": "php-0:5.1.6-27.el5_6.4", "product_name": "Red Hat Enterprise Linux 5.6 EUS - Server Only", "release_date": "2012-05-10T00:00:00Z"}, {"advisory": "RHSA-2012:0569", "cpe": "cpe:/o:redhat:rhel_eus:5.6", "package": "php53-0:5.3.3-1.el5_6.2", "product_name": "Red Hat Enterprise Linux 5.6 EUS - Server Only", "release_date": "2012-05-10T00:00:00Z"}, {"advisory": "RHSA-2012:0546", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "php-0:5.3.3-3.el6_2.8", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-05-07T00:00:00Z"}, {"advisory": "RHSA-2012:0568", "cpe": "cpe:/o:redhat:rhel_eus:6.0", "package": "php-0:5.3.2-6.el6_0.2", "product_name": "Red Hat Enterprise Linux 6.0 EUS - Server Only", "release_date": "2012-05-10T00:00:00Z"}, {"advisory": "RHSA-2012:0568", "cpe": "cpe:/o:redhat:rhel_eus:6.1", "package": "php-0:5.3.3-3.el6_1.4", "product_name": "Red Hat Enterprise Linux 6.1 EUS - Server Only", "release_date": "2012-05-10T00:00:00Z"}], "bugzilla": {"description": "php: command line arguments injection when run in CGI mode (VU#520827)", "id": "818607", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=818607"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case."], "name": "CVE-2012-1823", "package_state": [{"cpe": "cpe:/a:redhat:rhel_application_stack:2", "fix_state": "Affected", "package_name": "php", "product_name": "Red Hat Application Stack v2 for Enterprise Linux"}, {"cpe": "cpe:/o:redhat:enterprise_linux:3", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 3"}, {"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:rhel_eus:5.3", "fix_state": "Affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux Extended Update Support 5.3"}], "public_date": "2012-05-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-1823\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-1823\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "This flaw did not affect the versions of PHP in Red Hat Enterprise Linux 3 or 4. Updates were released for Red Hat Enterprise Linux 5 and 6 (RHSA-2012:0546, RHSA-2012:0547), Red Hat Enterprise Linux 5.3 Long Life (RHSA-2012:0568), Red Hat Enterprise Linux 5.6, 6.0, and 6.1 Extended Update Support (RHSA-2012:0568, RHSA-2012:0569), and Red Hat Application Stack v2 (RHSA-2012:0570).\nThis flaw only affected PHP CGI configurations and it did not affect the default configuration in Red Hat Enterprise Linux 5 and 6 using the PHP module for Apache httpd to handle PHP scripts.\nNote that this issue was not fixed completely the first time, which resulted in the assignment of additional related CVE identifiers - CVE-2012-2311, CVE-2012-2335, and CVE-2012-2336. Refer to the Red Hat CVE Database and the Red Hat Bugzilla for additional information on how those CVEs affect Red Hat products.", "threat_severity": "Critical", "upstream_fix": "php 5.3.12, php 5.4.2"}