CVE-2012-2376

N/A Unknown
Published: May 21, 2012 Modified: April 29, 2026
View on NVD

Description

Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://isc.sans.edu/diary.html?storyid=13255
Source: secalert@redhat.com
http://openwall.com/lists/oss-security/2012/05/20/2
Source: secalert@redhat.com
http://www.exploit-db.com/exploits/18861/
Source: secalert@redhat.com
Exploit
http://www.securitytracker.com/id?1027089
Source: secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=823464
Source: secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/75778
Source: secalert@redhat.com
http://isc.sans.edu/diary.html?storyid=13255
Source: af854a3a-2127-422b-91ae-364da2661108
http://openwall.com/lists/oss-security/2012/05/20/2
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.exploit-db.com/exploits/18861/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.securitytracker.com/id?1027089
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=823464
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/75778
Source: af854a3a-2127-422b-91ae-364da2661108

12 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
20.1%
97th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

php microsoft

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8