| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-2336 | 5.0 |
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service
|
13-02-2023 - 04:33 | 11-05-2012 - 10:15 | |
| CVE-2012-2335 | 7.5 |
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c
|
13-02-2023 - 04:33 | 11-05-2012 - 10:15 | |
| CVE-2012-2311 | 7.5 |
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to exec
|
13-02-2023 - 00:24 | 11-05-2012 - 10:15 | |
| CVE-2012-2329 | 5.0 |
Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.
|
29-08-2017 - 01:31 | 11-05-2012 - 10:15 |