CVE-2012-0057 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.4 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 81%

Affected Products (NVD)

Vendor	Product	Version
php	php	𝑥 ≤ 5.3.8
php	php	5.0.0
php	php	5.0.0:beta1
php	php	5.0.0:beta2
php	php	5.0.0:beta3
php	php	5.0.0:beta4
php	php	5.0.0:rc1
php	php	5.0.0:rc2
php	php	5.0.0:rc3
php	php	5.0.1
php	php	5.0.2
php	php	5.0.3
php	php	5.0.4
php	php	5.0.5
php	php	5.1.0
php	php	5.1.1
php	php	5.1.2
php	php	5.1.3
php	php	5.1.4
php	php	5.1.5
php	php	5.1.6
php	php	5.2.0
php	php	5.2.1
php	php	5.2.2
php	php	5.2.3
php	php	5.2.4
php	php	5.2.5
php	php	5.2.6
php	php	5.2.7
php	php	5.2.8
php	php	5.2.9
php	php	5.2.10
php	php	5.2.11
php	php	5.2.12
php	php	5.2.13
php	php	5.2.14
php	php	5.2.15
php	php	5.2.16
php	php	5.2.17
php	php	5.3.0
php	php	5.3.1
php	php	5.3.2
php	php	5.3.3
php	php	5.3.4
php	php	5.3.5
php	php	5.3.6
php	php	5.3.7

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

php5

hardy	Fixed 5.2.4-2ubuntu5.22 released
lucid	Fixed 5.3.2-1ubuntu4.13 released
maverick	Fixed 5.3.3-1ubuntu9.9 released
natty	Fixed 5.3.5-1ubuntu7.6 released
oneiric	Fixed 5.3.6-13ubuntu3.5 released

Red Hat Enterprise Linux Releases

Red Hat Product

Release

php

RHEL 6

0:5.3.3-14.el6_3

fixed

php-bcmath

RHEL 6

0:5.3.3-14.el6_3

fixed

php-cli

RHEL 6

0:5.3.3-14.el6_3

fixed

php-common

RHEL 6

0:5.3.3-14.el6_3

fixed

php-dba

RHEL 6

0:5.3.3-14.el6_3

fixed

php-devel

RHEL 6

0:5.3.3-14.el6_3

fixed

php-embedded

RHEL 6

0:5.3.3-14.el6_3

fixed

php-enchant

RHEL 6

0:5.3.3-14.el6_3

fixed

php-gd

RHEL 6

0:5.3.3-14.el6_3

fixed

php-imap

RHEL 6

0:5.3.3-14.el6_3

fixed

php-intl

RHEL 6

0:5.3.3-14.el6_3

fixed

php-ldap

RHEL 6

0:5.3.3-14.el6_3

fixed

php-mbstring

RHEL 6

0:5.3.3-14.el6_3

fixed

php-mysql

RHEL 6

0:5.3.3-14.el6_3

fixed

php-odbc

RHEL 6

0:5.3.3-14.el6_3

fixed

php-pdo

RHEL 6

0:5.3.3-14.el6_3

fixed

php-pgsql

RHEL 6

0:5.3.3-14.el6_3

fixed

php-process

RHEL 6

0:5.3.3-14.el6_3

fixed

php-pspell

RHEL 6

0:5.3.3-14.el6_3

fixed

php-recode

RHEL 6

0:5.3.3-14.el6_3

fixed

php-snmp

RHEL 6

0:5.3.3-14.el6_3

fixed

php-soap

RHEL 6

0:5.3.3-14.el6_3

fixed

php-tidy

RHEL 6

0:5.3.3-14.el6_3

fixed

php-xml

RHEL 6

0:5.3.3-14.el6_3

fixed

php-xmlrpc

RHEL 6

0:5.3.3-14.el6_3

fixed

php-zts

RHEL 6

0:5.3.3-14.el6_3

fixed

Common Weakness Enumeration

CWE-264 -

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html

http://openwall.com/lists/oss-security/2012/01/13/10

http://openwall.com/lists/oss-security/2012/01/13/4

http://openwall.com/lists/oss-security/2012/01/13/5

http://openwall.com/lists/oss-security/2012/01/13/6

http://openwall.com/lists/oss-security/2012/01/13/7

http://openwall.com/lists/oss-security/2012/01/14/1

http://openwall.com/lists/oss-security/2012/01/14/2

http://openwall.com/lists/oss-security/2012/01/14/3

http://openwall.com/lists/oss-security/2012/01/15/1

http://openwall.com/lists/oss-security/2012/01/15/10

http://openwall.com/lists/oss-security/2012/01/15/2

http://openwall.com/lists/oss-security/2012/01/18/3

http://php.net/ChangeLog-5.php#5.3.9

http://secunia.com/advisories/48668

http://www.debian.org/security/2012/dsa-2399

https://bugs.php.net/bug.php?id=54446

https://exchange.xforce.ibmcloud.com/vulnerabilities/72908

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html

http://openwall.com/lists/oss-security/2012/01/13/10

http://openwall.com/lists/oss-security/2012/01/13/4

http://openwall.com/lists/oss-security/2012/01/13/5

http://openwall.com/lists/oss-security/2012/01/13/6

http://openwall.com/lists/oss-security/2012/01/13/7

http://openwall.com/lists/oss-security/2012/01/14/1

http://openwall.com/lists/oss-security/2012/01/14/2

http://openwall.com/lists/oss-security/2012/01/14/3

http://openwall.com/lists/oss-security/2012/01/15/1

http://openwall.com/lists/oss-security/2012/01/15/10

http://openwall.com/lists/oss-security/2012/01/15/2

http://openwall.com/lists/oss-security/2012/01/18/3

http://php.net/ChangeLog-5.php#5.3.9

http://secunia.com/advisories/48668

http://www.debian.org/security/2012/dsa-2399

https://bugs.php.net/bug.php?id=54446

https://exchange.xforce.ibmcloud.com/vulnerabilities/72908