Unrated severityNVD Advisory· Published Aug 25, 2011· Updated Jun 16, 2026
CVE-2011-3189
CVE-2011-3189
Description
The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
10- bugs.php.net/bug.phpnvdExploit
- secunia.com/advisories/45678nvdVendor Advisory
- lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlnvd
- osvdb.org/74726nvd
- support.apple.com/kb/HT5130nvd
- www.openwall.com/lists/oss-security/2011/08/23/4nvd
- www.php.net/ChangeLog-5.phpnvd
- www.php.net/archive/2011.phpnvd
- bugs.gentoo.org/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/69429nvd
News mentions
0No linked articles in our index yet.