#VU4197 Heap-based buffer underflow in PHP - CVE-2012-2688
Published: January 11, 2017 / Updated: March 13, 2017
Vulnerability identifier: #VU4197
Vulnerability risk: Critical
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2012-2688
CWE-ID: CWE-122
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
PHP
PHP
Software vendor:
PHP Group
PHP Group
Description
The vulnerability allows a remote attacker to cause DoS conditions or execute arbitrary code on the target system.
The weakness exists due to heap-based buffer underflow in the PHP scandir() function. A remote attacker can create specially crafted files, upload them to a directory the scandir() function runs on and cause the PHP interpreter to crash or execute arbitrary code with privileges of the web server.
Successful exploitation of the vulnerability results in denial of service or arbitrary code execution on the vulnerable system.
Note: the vulnerability was being actively exploited.
The weakness exists due to heap-based buffer underflow in the PHP scandir() function. A remote attacker can create specially crafted files, upload them to a directory the scandir() function runs on and cause the PHP interpreter to crash or execute arbitrary code with privileges of the web server.
Successful exploitation of the vulnerability results in denial of service or arbitrary code execution on the vulnerable system.
Note: the vulnerability was being actively exploited.
Remediation
Update to version 5.3.15 or 5.4.5 or later.