1
PublicDateAtUSN: 2012-02-06
2
Candidate: CVE-2012-0830
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830
6
https://usn.ubuntu.com/usn/usn-1358-1
8
The php_register_variable_ex function in php_variables.c in PHP 5.3.9
9
allows remote attackers to execute arbitrary code via a request containing
10
a large number of variables, related to improper handling of array
11
variables. NOTE: this vulnerability exists because of an incorrect fix for
15
tyhicks> Introduced by the fix for CVE-2011-4885
17
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0830
19
Discovered-by: Stefan Esser
23
upstream_php5: released (5.3.10-1)
24
hardy_php5: released (5.2.4-2ubuntu5.22)
25
lucid_php5: released (5.3.2-1ubuntu4.13)
26
maverick_php5: released (5.3.3-1ubuntu9.9)
27
natty_php5: released (5.3.5-1ubuntu7.6)
28
oneiric_php5: released (5.3.6-13ubuntu3.5)
29
devel_php5: not-affected (5.3.10-1ubuntu1)