Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-1172

The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions.

Related bugs and status

CVE-2012-1172 (Candidate) is related to these bugs:

Bug #191251: [needs-packaging] php5-embed

Summary				In	Importance	Status
	191251	[needs-packaging] php5-embed		php5 (Ubuntu)	Wishlist	Fix Released
	191251	[needs-packaging] php5-embed		php5 (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2012031...
MISC: http://isisblogs.poly....
MISC: https://bugs.php.net/b...
MISC: https://bugs.php.net/b...
MISC: https://nealpoole.com/...
MISC: https://students.mimuw...
CONFIRM: http://www.php.net/Cha...
CONFIRM: https://bugs.php.net/b...
CONFIRM: https://bugs.php.net/b...
FEDORA: FEDORA-2012-6869
FEDORA: FEDORA-2012-6907
FEDORA: FEDORA-2012-6911
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2012-09-19-2
CONFIRM: http://svn.php.net/vie...
CONFIRM: http://svn.php.net/vie...
HP: HPSBUX02791
HP: SSRT100856
DEBIAN: DSA-2465
SUSE: SUSE-SU-2012:0598
SUSE: SUSE-SU-2012:0604