Summary
This host is running PHP and is prone to a buffer overflow vulnerability.
Impact
Successful exploitation could allow attackers to execute arbitrary code; failed attempts will likely result in denial-of-service conditions.
Impact Level: System/Application
Solution
Upgrade to PHP 5.4.5 or 5.3.15 or later.
For updates, refer to http://www.php.net/downloads.php
Insight
The flaw is related to an overflow in the _php_stream_scandir function in the stream implementation.
Affected
PHP versions before 5.3.15 and 5.4.x before 5.4.5
Severity
Classification
- CVE: CVE-2012-2688
- CVSS Base Score: 10.0
- CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- CursorArts ZipWrangler 'ZIP Processing' Buffer Overflow Vulnerability
- ALLMediaServer Request Handling Stack Buffer Overflow Vulnerability
- BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability
- 3CTftpSvc TFTP Server Long Mode Buffer Overflow Vulnerability
- Audacity Buffer Overflow Vulnerability (Linux)