CVE-2012-2311
Scores
EPSS
0.745medium74.5%
0%20%40%60%80%100%
Percentile: 74.5%
CVSS
6.8medium2.0
0246810
CVSS Score: 6.8/10
All CVSS Scores
CVSS 2.0
6.8Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Medium
Describes the conditions beyond the attacker's control
AC:M
Authentication
None (N)
Describes the level of privileges an attacker must possess
Au:N
Confidentiality Impact
Partial
Measures the impact to the confidentiality of information
C:P
Integrity Impact
Partial
Measures the impact to integrity of a successfully exploited vulnerability
I:P
Availability Impact
Partial
Measures the impact to the availability of the impacted component
A:P
Description
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the ’d’ case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.
Scaner-VS 7 — a modern vulnerability management solution
Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7Sources
debiannvdubuntu
CWEs
CWE-89
Related Vulnerabilities
Exploits
Vulnerable Software (3)
Type: Configuration
Product: php5
Operating System: debian
Trait:
{ "fixed": "5.4.3-1"}
Source: debian
Type: Configuration
Product: php5
Operating System: ubuntu hardy 8.04
Trait:
{ "fixed": "5.2.4-2ubuntu5.24"}
Source: ubuntu
Type: Configuration
Vendor: *
Product: php
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.3.12", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:1.0:*:...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.3.12", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*" } ], "operator": "OR"}
Source: nvd
End of list