Executive Summary

Informations
NameCVE-2012-0781First vendor Publication2012-01-18
VendorCveLast vendor Modification2012-06-27

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthentificationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0781

CWE : Common Weakness Enumeration

idName
CWE-399Resource Management Errors

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Open Source Vulnerability Database (OSVDB)

idDescription
78571PHP tidy_diagnose Function Tidy::diagnose Operation Remote doS

Internal Sources (Detail)

SourceUrl
BUGTRAQhttp://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html
EXPLOIT-DBhttp://www.exploit-db.com/exploits/18370/
MISChttp://cxsecurity.com/research/103
SECUNIAhttp://secunia.com/advisories/48668
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-10 22:33:48
  • Multiple Updates