← back
CVE-2012-2376

CVE-2012-2376

EPSS 20.1%
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/18861unverifiedcve_referencewww.exploit-db.com/exploits/18861/unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://isc.sans.edu/diary.html?storyid=13255http://openwall.com/lists/oss-security/2012/05/20/2https://bugzilla.redhat.com/show_bug.cgi?id=823464https://exchange.xforce.ibmcloud.com/vulnerabilities/75778http://www.exploit-db.com/exploits/18861/http://www.securitytracker.com/id?1027089