PHP.CGI.Argument.Injection
Description
This indicates an attack attempt against an Argument Injection vulnerability in PHP CGI.
The vulnerability is caused by an error when the vulnerable software handles a malicious request. It allows a remote attacker to execute arbitrary code via a crafted URI.
Affected Products
PHP before 5.3.12
PHP 5.4.x before 5.4.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
The vendor issued a fix (5.3.12, 5.4.2) for CVE-2012-1823. It was incomplete fix, does not fully correct the vulnerability [CVE-2012-2311].
The vendor has issued a fix (5.3.13, 5.4.3) for CVE-2012-2311.
http://us2.php.net/downloads.php
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |