CVE-2011-1398

Publication date 30 August 2012

Last updated 24 July 2024

Ubuntu priority

The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
php5	12.04 LTS precise	Fixed 5.3.10-1ubuntu3.4
	11.10 oneiric	Fixed 5.3.6-13ubuntu3.9
	11.04 natty	Fixed 5.3.5-1ubuntu7.11
	10.04 LTS lucid	Fixed 5.3.2-1ubuntu4.18
	8.04 LTS hardy	Fixed 5.2.4-2ubuntu5.26

Notes

tyhicks

Incomplete fix is tracked as CVE-2012-4388

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
php5	Upstream: http://svn.php.net/viewvc?view=revision&revision=318820 Upstream: http://svn.php.net/viewvc?view=revision&revision=318997 Upstream: http://git.php.net/?p=php-src.git;a=commit;h=61088ce7296f2a3b4b53e60bdf413455b870664d Upstream: http://svn.php.net/viewvc?view=revision&revision=323033 Upstream: http://svn.php.net/viewvc?view=revision&revision=323043 Upstream: http://svn.php.net/viewvc?view=revision&revision=323986 Upstream: http://git.php.net/?p=php-src.git;a=commit;h=8e82bda330264d290a5e55580eea2eb875d4cb69 Upstream: http://git.php.net/?p=php-src.git;a=commit;h=ca58cd01fc329f907a13b82370427715d9c5bf70 Upstream: http://git.php.net/?p=php-src.git;a=commit;h=daa190f8fd5441b077bfd5ae8e999596a8c34dd3

Package

Patch details

php5

References

Related Ubuntu Security Notices (USN)

USN-1569-1
PHP vulnerabilities
17 September 2012

CVE-2011-1398

Status

Notes

Patch details

References

Related Ubuntu Security Notices (USN)

Other references