CVE-2012-1823 — CRITICAL (9.8)

Q: How severe is CVE-2012-1823?

CVE-2012-1823 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2012-1823?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Fedoraproject Fedora, Debian Debian Linux, Hp Hp-Ux, Opensuse Opensuse.

Vulnerability Description

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Php	Php	< 5.3.12
Fedoraproject	Fedora	39
Debian	Debian Linux	6.0
Hp	Hp-Ux	b.11.23
Opensuse	Opensuse	11.4
Suse	Linux Enterprise Server	10
Suse	Linux Enterprise Software Development Kit	10
Apple	Mac Os X	>= 10.6.8, < 10.7.5
Redhat	Application Stack	2.0
Redhat	Gluster Storage Server For On-Premise	2.0
Redhat	Storage	2.0
Redhat	Storage For Public Cloud	2.0
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Eus	5.6
Redhat	Enterprise Linux Server	5.0
Redhat	Enterprise Linux Server Aus	5.3
Redhat	Enterprise Linux Workstation	5.0

Related Weaknesses (CWE)

CWE-77

References

http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/Broken LinkExploit
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041Broken Link
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.htmlMailing ListThird Party Advisory
http://marc.info/?l=bugtraq&m=134012830914727&w=2Mailing List
http://rhn.redhat.com/errata/RHSA-2012-0546.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0547.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0568.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0569.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0570.htmlThird Party Advisory
http://secunia.com/advisories/49014Broken Link
http://secunia.com/advisories/49065Broken Link
http://secunia.com/advisories/49085Broken Link

FAQ

What is CVE-2012-1823?

CVE-2012-1823 is a vulnerability with a CVSS score of 9.8 (CRITICAL). sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which all...

How severe is CVE-2012-1823?

CVE-2012-1823 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2012-1823?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Fedoraproject Fedora, Debian Debian Linux, Hp Hp-Ux, Opensuse Opensuse.