CVE-2012-2376

EXPLOITED IN THE WILD

PHP < 5.4.3 - Remote Code Execution via COM Object VARIANT Type Handling

Title source: manual

Exploitation Summary

CVE-2012-2376 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit from researchers including 0in.

AI-analyzed exploit summary: This exploit targets a Variant type parsing vulnerability in PHP 5.4.3 on Windows XP SP3, using heap spraying and a bind shell payload to achieve remote code execution.

Description

Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by 0in · php · local · windows_x86
https://www.exploit-db.com/exploits/18861

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Complex
Reliability: Racy
Target: PHP 5.4.3 (Win32)
No auth needed
Prerequisites: PHP 5.4.3 on Windows XP SP3 · Network access to the target
Analyzed by devstral-2 on Feb 16, 2026

References (6)

Core References
Various Sources x_refsource_misc
http://isc.sans.edu/diary.html?storyid=13255
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75778
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18861/
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=823464
Mailing List mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2012/05/20/2
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1027089

Scores

EPSS: 0.3749
EPSS Percentile: 97.3%

Details

VulnCheck KEV: 2012-05-21
InTheWild.io: 2017-08-29
CWE: CWE-119
Status: published
Products (46)
php/php 1.0
php/php 2.0
php/php 2.0b10
php/php 3.0
php/php 3.0.1
php/php 3.0.2
php/php 3.0.3
php/php 3.0.4
php/php 3.0.5
php/php 3.0.6
... and 36 more
Published: May 21, 2012
Tracked Since: Feb 18, 2026