CVE-2012-2336

Description

sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.

References

Link	Tags
http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00004.html	vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html	vendor advisory
https://bugs.php.net/patch-display.php?bug_id=61910&patch=CVE-2012-1823.patch&revision=1336251592&display=1
http://secunia.com/advisories/49014	third party advisory vendor advisory
https://bugs.php.net/bug.php?id=61910	vendor advisory
http://www.php.net/archive/2012.php#id2012-05-08-1	vendor advisory
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862	vendor advisory
http://www.php.net/ChangeLog-5.php#5.4.3

Frequently Asked Questions

What is the severity of CVE-2012-2336?: CVE-2012-2336 has been scored as a medium severity vulnerability.
How to fix CVE-2012-2336?: To fix CVE-2012-2336, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2012-2336 being actively exploited in the wild?: It is possible that CVE-2012-2336 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~10% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-20 – Improper Input Validation

References

Frequently Asked Questions