Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2012-4388

Published: 7 September 2012

The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1398.

Notes

AuthorNote
tyhicks
5.4.x, before 5.4.1-rc1 received the incomplete fix
mdeslaur
Incomplete fix for CVE-2011-1398, see CVE-2011-1398 for
regression fix commits

Priority

Medium

Status

Package Release Status
php5
Launchpad, Ubuntu, Debian
upstream
Released (5.3.11,5.4.1~rc1-1)
hardy
Released (5.2.4-2ubuntu5.26)
lucid
Released (5.3.2-1ubuntu4.18)
natty
Released (5.3.5-1ubuntu7.11)
oneiric
Released (5.3.6-13ubuntu3.9)
precise
Released (5.3.10-1ubuntu3.4)