Lucene search

[email protected]CVE-2010-4150

HistoryDec 07, 2010 - 10:00 p.m.

CVE-2010-4150

2010-12-0722:00:02

CWE-399

[email protected]

web.nvd.nist.gov

cve-2010-4150

double free vulnerability

imap_do_open

php 5.2

php 5.3

memory corruption

arbitrary code

denial of service

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.019

Percentile

88.7%

JSON

Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

Affected configurations

NVD

Node

phpphpMatch5.2.0

phpphpMatch5.2.1

phpphpMatch5.2.2

phpphpMatch5.2.3

phpphpMatch5.2.4

phpphpMatch5.2.10

phpphpMatch5.2.11

phpphpMatch5.2.12

phpphpMatch5.2.13

phpphpMatch5.2.14

phpphpMatch5.3.0

phpphpMatch5.3.1

phpphpMatch5.3.2

phpphpMatch5.3.3

VendorProductVersionCPE
phpphp5.2.3cpe:/a:php:php:5.2.3:::
phpphp5.2.0cpe:/a:php:php:5.2.0:::
phpphp5.2.12cpe:/a:php:php:5.2.12:::
phpphp5.2.13cpe:/a:php:php:5.2.13:::
phpphp5.3.0cpe:/a:php:php:5.3.0:::
phpphp5.3.1cpe:/a:php:php:5.3.1:::
phpphp5.2.10cpe:/a:php:php:5.2.10:::
phpphp5.2.1cpe:/a:php:php:5.2.1:::
phpphp5.2.4cpe:/a:php:php:5.2.4:::
phpphp5.3.2cpe:/a:php:php:5.3.2:::

Vendor	Product	Version	CPE
php	php	5.2.3	cpe:/a:php:php:5.2.3:::
php	php	5.2.0	cpe:/a:php:php:5.2.0:::
php	php	5.2.12	cpe:/a:php:php:5.2.12:::
php	php	5.2.13	cpe:/a:php:php:5.2.13:::
php	php	5.3.0	cpe:/a:php:php:5.3.0:::
php	php	5.3.1	cpe:/a:php:php:5.3.1:::
php	php	5.2.10	cpe:/a:php:php:5.2.10:::
php	php	5.2.1	cpe:/a:php:php:5.2.1:::
php	php	5.2.4	cpe:/a:php:php:5.2.4:::
php	php	5.3.2	cpe:/a:php:php:5.3.2:::