ubuntu · CVE-2012-2376

Quick triage

Priority: medium Published: 2012-05-21 15:55:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2012-2376 medium priority: Ubuntu including 1 source packages (php5), 6 status rows across 6 suites (hardy, lucid, natty, oneiric, precise, upstream): ignored 5, needs-triage 1.

Description:

Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.

cvelogic Threat Intelligence