CVE-2012-2329 : Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote at

Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.

Published 2012-05-11 10:15:48

Updated 2017-08-29 01:31:35

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: OverflowDenial of service

Threat overview for CVE-2012-2329

Top countries where our scanners detected CVE-2012-2329

Top open port discovered on systems with this issue 80

IPs affected by CVE-2012-2329 378

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2012-2329!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2012-2329

Probability of exploitation activity in the next 30 days: 60.55%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2012-2329

PHP apache_request_headers Function Buffer Overflow

Disclosure Date: 2012-05-08

First seen: 2020-04-26

exploit/windows/http/php_apache_request_headers_bof

This module exploits a stack based buffer overflow in the CGI version of PHP 5.4.x before 5.4.3. The vulnerability is due to the insecure handling of the HTTP headers. This module has been tested against the thread safe version of PHP 5.4.2, from "window

More information

CVSS scores for CVE-2012-2329

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2012-2329

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-2329

http://www.php.net/ChangeLog-5.php#5.4.3

PHP: PHP 5 ChangeLog

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=820000

820000 – (CVE-2012-2329) CVE-2012-2329 php: buffer overflow flaw in apache_request_headers() in PHP 5.4.x
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/75545

PHP apache_request_headers() buffer overflow CVE-2012-2329 Vulnerability Report
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862

HP Support for Technical Help and Troubleshooting | HP® Customer Service.

CVEs referencing this url
http://www.php.net/archive/2012.php#id2012-05-08-1

PHP: News Archive - 2012

CVEs referencing this url
http://www.securityfocus.com/bid/53455

PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability
https://bugs.php.net/bug.php?id=61807

PHP :: Sec Bug #61807 :: Buffer Overflow in apache_request_headers

Products affected by CVE-2012-2329

PHP » PHP » Version: 5.4.0
cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.4.1
cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.4.2
cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-2329