CVE-2012-2688

Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
phpphp
𝑥
≤ 5.3.14
phpphp
1.0
phpphp
2.0
phpphp
2.0b10:b10
phpphp
3.0
phpphp
3.0.1
phpphp
3.0.2
phpphp
3.0.3
phpphp
3.0.4
phpphp
3.0.5
phpphp
3.0.6
phpphp
3.0.7
phpphp
3.0.8
phpphp
3.0.9
phpphp
3.0.10
phpphp
3.0.11
phpphp
3.0.12
phpphp
3.0.13
phpphp
3.0.14
phpphp
3.0.15
phpphp
3.0.16
phpphp
3.0.17
phpphp
3.0.18
phpphp
4.0:beta_4_patch1
phpphp
4.0:beta1
phpphp
4.0:beta2
phpphp
4.0:beta3
phpphp
4.0:beta4
phpphp
4.0.0
phpphp
4.0.1
phpphp
4.0.2
phpphp
4.0.3
phpphp
4.0.4
phpphp
4.0.5
phpphp
4.0.6
phpphp
4.0.7
phpphp
4.1.0
phpphp
4.1.1
phpphp
4.1.2
phpphp
4.2.0
phpphp
4.2.1
phpphp
4.2.2
phpphp
4.2.3
phpphp
4.3.0
phpphp
4.3.1
phpphp
4.3.2
phpphp
4.3.3
phpphp
4.3.4
phpphp
4.3.5
phpphp
4.3.6
phpphp
4.3.7
phpphp
4.3.8
phpphp
4.3.9
phpphp
4.3.10
phpphp
4.3.11
phpphp
4.4.0
phpphp
4.4.1
phpphp
4.4.2
phpphp
4.4.3
phpphp
4.4.4
phpphp
4.4.5
phpphp
4.4.6
phpphp
4.4.7
phpphp
4.4.8
phpphp
4.4.9
phpphp
5.0.0
phpphp
5.0.0:beta1
phpphp
5.0.0:beta2
phpphp
5.0.0:beta3
phpphp
5.0.0:beta4
phpphp
5.0.0:rc1
phpphp
5.0.0:rc2
phpphp
5.0.0:rc3
phpphp
5.0.1
phpphp
5.0.2
phpphp
5.0.3
phpphp
5.0.4
phpphp
5.0.5
phpphp
5.1.0
phpphp
5.1.1
phpphp
5.1.2
phpphp
5.1.3
phpphp
5.1.4
phpphp
5.1.5
phpphp
5.1.6
phpphp
5.2.0
phpphp
5.2.1
phpphp
5.2.2
phpphp
5.2.3
phpphp
5.2.4
phpphp
5.2.5
phpphp
5.2.6
phpphp
5.2.7
phpphp
5.2.8
phpphp
5.2.9
phpphp
5.2.10
phpphp
5.2.11
phpphp
5.2.12
phpphp
5.2.13
phpphp
5.2.14
phpphp
5.2.15
phpphp
5.2.16
phpphp
5.2.17
phpphp
5.3.0
phpphp
5.3.1
phpphp
5.3.2
phpphp
5.3.3
phpphp
5.3.4
phpphp
5.3.5
phpphp
5.3.6
phpphp
5.3.7
phpphp
5.3.8
phpphp
5.3.9
phpphp
5.3.10
phpphp
5.3.11
phpphp
5.3.12
phpphp
5.3.13
phpphp
5.4.0
phpphp
5.4.1
phpphp
5.4.2
phpphp
5.4.3
phpphp
5.4.4
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
php5
hardy
Fixed 5.2.4-2ubuntu5.26
released
lucid
Fixed 5.3.2-1ubuntu4.18
released
natty
Fixed 5.3.5-1ubuntu7.11
released
oneiric
Fixed 5.3.6-13ubuntu3.9
released
precise
Fixed 5.3.10-1ubuntu3.4
released
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
php
RHEL 6
0:5.3.3-22.el6
fixed
php-bcmath
RHEL 6
0:5.3.3-22.el6
fixed
php-cli
RHEL 6
0:5.3.3-22.el6
fixed
php-common
RHEL 6
0:5.3.3-22.el6
fixed
php-dba
RHEL 6
0:5.3.3-22.el6
fixed
php-devel
RHEL 6
0:5.3.3-22.el6
fixed
php-embedded
RHEL 6
0:5.3.3-22.el6
fixed
php-enchant
RHEL 6
0:5.3.3-22.el6
fixed
php-fpm
RHEL 6
0:5.3.3-22.el6
fixed
php-gd
RHEL 6
0:5.3.3-22.el6
fixed
php-imap
RHEL 6
0:5.3.3-22.el6
fixed
php-intl
RHEL 6
0:5.3.3-22.el6
fixed
php-ldap
RHEL 6
0:5.3.3-22.el6
fixed
php-mbstring
RHEL 6
0:5.3.3-22.el6
fixed
php-mysql
RHEL 6
0:5.3.3-22.el6
fixed
php-odbc
RHEL 6
0:5.3.3-22.el6
fixed
php-pdo
RHEL 6
0:5.3.3-22.el6
fixed
php-pgsql
RHEL 6
0:5.3.3-22.el6
fixed
php-process
RHEL 6
0:5.3.3-22.el6
fixed
php-pspell
RHEL 6
0:5.3.3-22.el6
fixed
php-recode
RHEL 6
0:5.3.3-22.el6
fixed
php-snmp
RHEL 6
0:5.3.3-22.el6
fixed
php-soap
RHEL 6
0:5.3.3-22.el6
fixed
php-tidy
RHEL 6
0:5.3.3-22.el6
fixed
php-xml
RHEL 6
0:5.3.3-22.el6
fixed
php-xmlrpc
RHEL 6
0:5.3.3-22.el6
fixed
php-zts
RHEL 6
0:5.3.3-22.el6
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
php
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-bcmath
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-cli
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-common
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-dba
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-debuginfo
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-devel
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-embedded
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-fpm
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-gd
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-imap
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-intl
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-ldap
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-mbstring
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-mcrypt
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-mssql
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-mysql
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-mysqlnd
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-odbc
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-pdo
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-pgsql
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-process
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-pspell
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-recode
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-snmp
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-soap
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-tidy
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-xml
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed
php-xmlrpc
Amazon Linux 1
0:5.3.15-1.22.amzn1
fixed