PHP com_print_typeinfo Remote Code Execution Vulnerability

Last Update Date: 7 Jun 2013 Release Date: 22 May 2012 6221 Views

RISK: High Risk

High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability has been identified in PHP, which can be exploited by malicious people to compromise a vulnerable system.

  1. It is due to the vulnerability in the com_print_typeinfo function.
  2. The php engine needs to execute the malicious code, which can include any shellcode like the the ones that bind a shell to a port.
  3. An exploit would require the attacker to upload PHP code to the server, at which point, the attacker could just use PHP to run shell commands via "exec".
  4. Only the windows version is vulnerable.

    5. NOTE: No patch available for this vulnerability

Impact

  • Remote Code Execution

System / Technologies affected

  • PHP Version 5.4.3 and earlier in Windows

Solutions

  • No patch available for this vulnerability
  • Workaround:
    • Block any file upload function in your php applications to avoid risks of exploit code execution.
    • Use your IPS to filter known shellcodes like the ones included in metasploit.
    • Keep PHP in the current available version, so you can know that you are not a possible target for any other vulnerability like CVE-2012-2336 registered at the beginning of the month.
    • Use your HIPS to block any possible buffer overflow in your system.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Foxit Reader Facebook Plugin Insecure Library Loading Vulnerability

24 Aug 2012 5104 Views

Next

Symantec Web Gateway `l´ Cross-Site Scripting Vulnerability

8 May 2012 5149 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY