We found results for “”
WS-2012-0020
Good to know:
Date: October 9, 2012
In php-src, php-5.1.2RC1 to php-5.4.8 there is a buffer overflow vulnerability. “discard_state” array is 5 chars long although the buffer must be 6 chars long in order to include null char terminator.
Language: PHP
Severity Score
Severity Score
Weakness Type (CWE)
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-120Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | LOW |