Red Hat Bugzilla – Bug 823464
CVE-2012-2376 php: Buffer overflow in com_print_typeinfo() by parsing certain variant types
Last modified: 2015-07-31 02:50:55 EDT
A security flaw was found in the way the com_print_typeinfo() routine of the PHP scripting language processed certain COM object arguments. If a PHP-language-based application remotely accepted untrusted com_print_typeinfo() arguments in order to print out a PHP class definition for a dispatchable interface, a remote attacker could provide a specially crafted COM object which, once processed by the application, could lead to that application crashing or, potentially, arbitrary code execution with the privileges of the user running the application.
Not vulnerable. This flaw is specific to PHP instances running on the Microsoft Windows platform.