Lucene search

K
cve[email protected]CVE-2010-4697
HistoryJan 18, 2011 - 8:00 p.m.

CVE-2010-4697

2011-01-1820:00:10
CWE-399
web.nvd.nist.gov
120
cve-2010-4697
zend engine
php
vulnerability
denial of service
nvd
heap memory corruption

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.3 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference.

Affected configurations

NVD
Node
phpphpRange5.2.14
OR
phpphpMatch1.0
OR
phpphpMatch2.0
OR
phpphpMatch2.0b10
OR
phpphpMatch3.0
OR
phpphpMatch3.0.1
OR
phpphpMatch3.0.2
OR
phpphpMatch3.0.3
OR
phpphpMatch3.0.4
OR
phpphpMatch3.0.5
OR
phpphpMatch3.0.6
OR
phpphpMatch3.0.7
OR
phpphpMatch3.0.8
OR
phpphpMatch3.0.9
OR
phpphpMatch3.0.10
OR
phpphpMatch3.0.11
OR
phpphpMatch3.0.12
OR
phpphpMatch3.0.13
OR
phpphpMatch3.0.14
OR
phpphpMatch3.0.15
OR
phpphpMatch3.0.16
OR
phpphpMatch3.0.17
OR
phpphpMatch3.0.18
OR
phpphpMatch4.0beta_4_patch1
OR
phpphpMatch4.0beta1
OR
phpphpMatch4.0beta2
OR
phpphpMatch4.0beta3
OR
phpphpMatch4.0beta4
OR
phpphpMatch4.0.0
OR
phpphpMatch4.0.1
OR
phpphpMatch4.0.2
OR
phpphpMatch4.0.3
OR
phpphpMatch4.0.4
OR
phpphpMatch4.0.5
OR
phpphpMatch4.0.6
OR
phpphpMatch4.0.7
OR
phpphpMatch4.1.0
OR
phpphpMatch4.1.1
OR
phpphpMatch4.1.2
OR
phpphpMatch4.2.0
OR
phpphpMatch4.2.1
OR
phpphpMatch4.2.2
OR
phpphpMatch4.2.3
OR
phpphpMatch4.3.0
OR
phpphpMatch4.3.1
OR
phpphpMatch4.3.2
OR
phpphpMatch4.3.3
OR
phpphpMatch4.3.4
OR
phpphpMatch4.3.5
OR
phpphpMatch4.3.6
OR
phpphpMatch4.3.7
OR
phpphpMatch4.3.8
OR
phpphpMatch4.3.9
OR
phpphpMatch4.3.10
OR
phpphpMatch4.3.11
OR
phpphpMatch4.4.0
OR
phpphpMatch4.4.1
OR
phpphpMatch4.4.2
OR
phpphpMatch4.4.3
OR
phpphpMatch4.4.4
OR
phpphpMatch4.4.5
OR
phpphpMatch4.4.6
OR
phpphpMatch4.4.7
OR
phpphpMatch4.4.8
OR
phpphpMatch4.4.9
OR
phpphpMatch5.0.0
OR
phpphpMatch5.0.0beta1
OR
phpphpMatch5.0.0beta2
OR
phpphpMatch5.0.0beta3
OR
phpphpMatch5.0.0beta4
OR
phpphpMatch5.0.0rc1
OR
phpphpMatch5.0.0rc2
OR
phpphpMatch5.0.0rc3
OR
phpphpMatch5.0.1
OR
phpphpMatch5.0.2
OR
phpphpMatch5.0.3
OR
phpphpMatch5.0.4
OR
phpphpMatch5.0.5
OR
phpphpMatch5.1.0
OR
phpphpMatch5.1.1
OR
phpphpMatch5.1.2
OR
phpphpMatch5.1.3
OR
phpphpMatch5.1.4
OR
phpphpMatch5.1.5
OR
phpphpMatch5.1.6
OR
phpphpMatch5.2.0
OR
phpphpMatch5.2.1
OR
phpphpMatch5.2.2
OR
phpphpMatch5.2.3
OR
phpphpMatch5.2.4
OR
phpphpMatch5.2.5
OR
phpphpMatch5.2.6
OR
phpphpMatch5.2.7
OR
phpphpMatch5.2.8
OR
phpphpMatch5.2.9
OR
phpphpMatch5.2.10
OR
phpphpMatch5.2.11
OR
phpphpMatch5.2.12
OR
phpphpMatch5.2.13
Node
phpphpMatch5.3.0
OR
phpphpMatch5.3.1
OR
phpphpMatch5.3.2
OR
phpphpMatch5.3.3

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.3 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%