CVE-2012-6113

The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 through 5.3.13 does not initialize a certain variable, which allows remote attackers to obtain sensitive information from process memory by providing zero bytes of input data.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.13:*:*:*:*:*:*:*

Information

Published : 2013-01-19 13:55

Updated : 2023-02-12 16:27


NVD link : CVE-2012-6113

Mitre link : CVE-2012-6113


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

php

  • php