Lucene search

K
cve[email protected]CVE-2006-1991
HistoryApr 24, 2006 - 11:02 p.m.

CVE-2006-1991

2006-04-2423:02:00
CWE-399
web.nvd.nist.gov
28
cve
php
denial of service
vulnerability
memory access violation
nvd

6.2 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.035 Low

EPSS

Percentile

91.3%

The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument.

CPENameOperatorVersion
php:phpphpeq5.1.2

6.2 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.035 Low

EPSS

Percentile

91.3%

Related for CVE-2006-1991