{"url":"http://public2.vulnerablecode.io/api/packages/126014?format=json","purl":"pkg:rpm/redhat/php@5.1.6-27.el5_6?arch=4","type":"rpm","namespace":"redhat","name":"php","version":"5.1.6-27.el5_6","qualifiers":{"arch":"4"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49116?format=json","vulnerability_id":"VCID-myft-jnpz-r7gb","summary":"Multiple vulnerabilities were found in PHP, the worst of which lead\n    to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1823.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1823.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1823","reference_id":"","reference_type":"","scores":[{"value":"0.94363","scoring_system":"epss","scoring_elements":"0.99965","published_at":"2026-04-29T12:55:00Z"},{"value":"0.94386","scoring_system":"epss","scoring_elements":"0.99971","published_at":"2026-04-18T12:55:00Z"},{"value":"0.94386","scoring_system":"epss","scoring_elements":"0.99972","published_at":"2026-04-08T12:55:00Z"},{"value":"0.94386","scoring_system":"epss","scoring_elements":"0.9997","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1823"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/06/07/1","reference_id":"1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/06/07/1"},{"reference_url":"http://www.php.net/archive/2012.php#id2012-05-03-1","reference_id":"2012.php#id2012-05-03-1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://www.php.net/archive/2012.php#id2012-05-03-1"},{"reference_url":"http://secunia.com/advisories/49014","reference_id":"49014","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://secunia.com/advisories/49014"},{"reference_url":"http://secunia.com/advisories/49065","reference_id":"49065","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://secunia.com/advisories/49065"},{"reference_url":"http://secunia.com/advisories/49085","reference_id":"49085","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://secunia.com/advisories/49085"},{"reference_url":"http://secunia.com/advisories/49087","reference_id":"49087","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://secunia.com/advisories/49087"},{"reference_url":"http://www.kb.cert.org/vuls/id/520827","reference_id":"520827","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://www.kb.cert.org/vuls/id/520827"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=818607","reference_id":"818607","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=818607"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:068","reference_id":"advisories?name=MDVSA-2012:068","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:068"},{"reference_url":"https://bugs.php.net/bug.php?id=61910","reference_id":"bug.php?id=61910","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"https://bugs.php.net/bug.php?id=61910"},{"reference_url":"http://www.php.net/ChangeLog-5.php#5.4.2","reference_id":"ChangeLog-5.php#5.4.2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://www.php.net/ChangeLog-5.php#5.4.2"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/18836.py","reference_id":"CVE-2012-2336;CVE-2012-2311;CVE-2012-1823;OSVDB-81633","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/18836.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29290.c","reference_id":"CVE-2012-2336;CVE-2012-2311;CVE-2012-1823;OSVDB-81633","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29290.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29316.py","reference_id":"CVE-2012-2336;CVE-2012-2311;CVE-2012-1823;OSVDB-81633","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29316.py"},{"reference_url":"http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/","reference_id":"CVE-2012-2336;OSVDB-81633;CVE-2012-2311;CVE-2012-1823","reference_type":"exploit","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/18834.rb","reference_id":"CVE-2012-2336;OSVDB-81633;CVE-2012-2311;CVE-2012-1823","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/18834.rb"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041","reference_id":"Document.jsp?objectID=c03360041","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"},{"reference_url":"http://www.debian.org/security/2012/dsa-2465","reference_id":"dsa-2465","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://www.debian.org/security/2012/dsa-2465"},{"reference_url":"https://security.gentoo.org/glsa/201209-03","reference_id":"GLSA-201209-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-03"},{"reference_url":"http://www.securitytracker.com/id?1027022","reference_id":"id?1027022","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://www.securitytracker.com/id?1027022"},{"reference_url":"http://marc.info/?l=bugtraq&m=134012830914727&w=2","reference_id":"?l=bugtraq&m=134012830914727&w=2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://marc.info/?l=bugtraq&m=134012830914727&w=2"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html","reference_id":"msg00002.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html","reference_id":"msg00007.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"},{"reference_url":"https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1","reference_id":"patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/","reference_id":"PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0546","reference_id":"RHSA-2012:0546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0546"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-0546.html","reference_id":"RHSA-2012-0546.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2012-0546.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0547","reference_id":"RHSA-2012:0547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0547"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-0547.html","reference_id":"RHSA-2012-0547.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2012-0547.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0568","reference_id":"RHSA-2012:0568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0568"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-0568.html","reference_id":"RHSA-2012-0568.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2012-0568.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0569","reference_id":"RHSA-2012:0569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0569"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-0569.html","reference_id":"RHSA-2012-0569.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2012-0569.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-0570.html","reference_id":"RHSA-2012-0570.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2012-0570.html"},{"reference_url":"https://usn.ubuntu.com/1437-1/","reference_id":"USN-1437-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1437-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/","reference_id":"W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"}],"fixed_packages":[],"aliases":["CVE-2012-1823"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myft-jnpz-r7gb"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-27.el5_6%3Farch=4"}