CVE-2012-2376 Information
Share on:
Feb 14, 2021
cve
Description
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types as exploited in the wild in May 2012.
Reference
http://isc.sans.edu/diary.html?storyid=13255 http://openwall.com/lists/oss-security/2012/05/20/2 http://www.exploit-db.com/exploits/18861/ http://www.securitytracker.com/id?1027089 https://bugzilla.redhat.com/show_bug.cgi?id=823464 https://exchange.xforce.ibmcloud.com/vulnerabilities/75778