CVE-2012-6113

Name of the Vulnerable Software and Affected Versions PHP versions 5.3.9 through 5.3.13

Description The issue concerns the openssl encrypt function, which fails to initialize a certain variable. This allows remote attackers to obtain sensitive information from process memory by providing zero bytes of input data.

Recommendations For PHP versions 5.3.9 through 5.3.13, consider updating to a version where this issue is fixed, as the provided information does not specify the exact fixed version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.