PHP Improper Input Validation Vulnerability - CVE-2012-0831

PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request related to main/php_variables.c sapi/cgi/cgi_main.c and sapi/fpm/fpm/fpm_main.c.