| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-2143 | 4.3 |
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for cont
|
14-03-2024 - 19:59 | 05-07-2012 - 14:55 | |
| CVE-2012-2386 | 7.5 |
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted t
|
13-02-2023 - 04:33 | 07-07-2012 - 10:21 | |
| CVE-2012-2336 | 5.0 |
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service
|
13-02-2023 - 04:33 | 11-05-2012 - 10:15 | |
| CVE-2012-2335 | 7.5 |
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c
|
13-02-2023 - 04:33 | 11-05-2012 - 10:15 |