CVE-2012-3450

PHP < 5.3.13 - Denial of Service

Title source: rule

Description

pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value.

Exploits (1)

exploitdb WORKING POC VERIFIED
by 0x721427D8 · phpdosphp
https://www.exploit-db.com/exploits/37566

Scores

EPSS 0.1238
EPSS Percentile 93.9%

Details

Status published
Products (18)
php/php 5.3.0
php/php 5.3.1
php/php 5.3.2
php/php 5.3.3
php/php 5.3.4
php/php 5.3.5
php/php 5.3.6
php/php 5.3.7
php/php 5.3.8
php/php 5.3.9
... and 8 more
Published Aug 06, 2012
Tracked Since Feb 18, 2026