CVE-2012-4388
PHP 5.4.0RC2-5.4.0 - HTTP Response Splitting via Carriage Return Bypass
Title source: llmDescription
The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1398.
References (11)
Core 11
Core References
Third Party Advisory x_refsource_confirm
http://security-tracker.debian.org/tracker/CVE-2012-4388
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2012/09/05/15
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027463
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2012/09/07/3
Exploit, Patch, Vendor Advisory x_refsource_confirm
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/SAPI.c?r1=323986&r2=323985&pathrev=323986
Vendor Advisory x_refsource_misc
https://bugs.php.net/bug.php?id=60227
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2012/08/29/5
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2012/09/02/1
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html
Broken Link mailing-list
x_refsource_mlist
http://article.gmane.org/gmane.comp.php.devel/70584
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1569-1
Scores
EPSS
0.0219
EPSS Percentile
84.6%
Details
CWE
CWE-20
Status
published
Products (8)
canonical/ubuntu_linux
8.04
canonical/ubuntu_linux
10.04
canonical/ubuntu_linux
11.04
canonical/ubuntu_linux
11.10
canonical/ubuntu_linux
12.04
debian/debian_linux
6.0
php/php
5.4.0 rc2
php/php
5.3.0 - 5.3.11
Published
Sep 07, 2012
Tracked Since
Feb 18, 2026