CVE-2012-3450

NONECVSS 0.0

0.0

pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value.

🔗 References (20)

secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2012-08/msg00021.html
secalert@redhathttp://seclists.org/bugtraq/2012/Jun/60
secalert@redhathttp://www.debian.org/security/2012/dsa-2527
secalert@redhathttp://www.mandriva.com/security/advisories?name=MDVSA-2012:108
secalert@redhathttp://www.openwall.com/lists/oss-security/2012/08/02/3
secalert@redhathttp://www.openwall.com/lists/oss-security/2012/08/02/7
secalert@redhathttp://www.php.net/ChangeLog-5.php
secalert@redhathttp://www.ubuntu.com/usn/USN-1569-1
secalert@redhathttps://bugs.php.net/bug.php?id=61755
secalert@redhathttps://bugzilla.novell.com/show_bug.cgi?id=769785
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00021.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/bugtraq/2012/Jun/60
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2012/dsa-2527
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2012:108
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/08/02/3

Is Your Infrastructure Affected by CVE-2012-3450?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-3450

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-3450?