CVE-2012-2336

Publication date 11 May 2012

Last updated 24 July 2024

sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
php5	12.04 LTS precise	Fixed 5.3.10-1ubuntu3.2
	11.10 oneiric	Fixed 5.3.6-13ubuntu3.8
	11.04 natty	Fixed 5.3.5-1ubuntu7.10
	10.04 LTS lucid	Fixed 5.3.2-1ubuntu4.17
	8.04 LTS hardy	Fixed 5.2.4-2ubuntu5.25

How can I get the fixes?
What do statuses mean?

Notes

sbeattie

-t is a DoS issue

mdeslaur

same fix as CVE-2012-2335

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-1481-1
PHP vulnerabilities
19 June 2012

Other references

http://www.openwall.com/lists/oss-security/2012/05/09/9
https://www.cve.org/CVERecord?id=CVE-2012-2336