PT-2012-1523 · Google+5 · Google Chrome+5

Raphael Geissert

Published

2012-08-30

Updated

2013-12-11

CVE-2011-1398

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.3.11 PHP versions 5.4.x prior to 5.4.0RC2

Description The issue is related to the sapi header op function in PHP, which does not properly check for %0D sequences, also known as carriage return characters. This allows remote attackers to bypass an HTTP response-splitting protection mechanism by crafting a specific URL. The issue is related to the interaction between the PHP header function and certain browsers, such as Internet Explorer and Google Chrome.

Recommendations For PHP versions prior to 5.3.11, update to version 5.3.11 or later. For PHP versions 5.4.x prior to 5.4.0RC2, update to version 5.4.0RC2 or later.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CESA-2013_0514

CVE-2011-1398

RHSA-2013:0514

RHSA-2013:1307

RHSA-2013:1814

RHSA-2013_0514

RHSA-2013_1307

RHSA-2013_1814

SUSE-SU-2012_1156-1

SUSE-SU-2012_1156-2

Affected Products

Centos

Google Chrome

Internet Explorer

Php

Red Hat

Suse

PT-2012-1523 · Google+5 · Google Chrome+5

CVE-2011-1398

Weakness Enumeration

Related Identifiers

Affected Products

References · 55