CVE-2012-2376

EXPLOITED IN THE WILD

PHP <5.4.3 - RCE

Title source: llm

Description

Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.

Exploits (1)

exploitdb WORKING POC VERIFIED
by 0in · php · local · windows_x86
https://www.exploit-db.com/exploits/18861

Scores

EPSS 0.3749
EPSS Percentile 97.2%

Details

VulnCheck KEV 2012-05-21
InTheWild.io 2017-08-29
CWE CWE-119
Status published
Products (46)
php/php 1.0
php/php 2.0
php/php 2.0b10
php/php 3.0
php/php 3.0.1
php/php 3.0.2
php/php 3.0.3
php/php 3.0.4
php/php 3.0.5
php/php 3.0.6
... and 36 more
Published May 21, 2012
Tracked Since Feb 18, 2026