PHP patches critical CGI vulnerability
Source: InfoWorld - Posted by Dave Wreski   
Vendors/Products The PHP Group released PHP 5.4.3 and PHP 5.3.13 on Tuesday to address two remote code execution vulnerabilities, one of which is being actively exploited by hackers. "The releases complete a fix for a vulnerability in CGI-based setups (CVE-2012-2311)," the PHP developers said in the release notes. Additionally, PHP 5.4.3 fixes a buffer overflow vulnerability, identified as CVE-2012-2329, in the apache_request_headers() function.

Read this full article at InfoWorld

Only registered users can write comments.
Please login or register.

Powered by AkoComment!