Lucene search
HistoryJan 18, 2011 - 8:00 p.m.
CVE-2010-4697
cve-2010-4697
zend engine
php
vulnerability
denial of service
nvd
heap memory corruption
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
9.3
Confidence
High
EPSS
0.009
Percentile
82.4%
Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference.
Affected configurations
Node
phpphpRangeβ€5.2.14
ORphpphpMatch1.0
ORphpphpMatch2.0
ORphpphpMatch2.0b10
ORphpphpMatch3.0
ORphpphpMatch3.0.1
ORphpphpMatch3.0.2
ORphpphpMatch3.0.3
ORphpphpMatch3.0.4
ORphpphpMatch3.0.5
ORphpphpMatch3.0.6
ORphpphpMatch3.0.7
ORphpphpMatch3.0.8
ORphpphpMatch3.0.9
ORphpphpMatch3.0.10
ORphpphpMatch3.0.11
ORphpphpMatch3.0.12
ORphpphpMatch3.0.13
ORphpphpMatch3.0.14
ORphpphpMatch3.0.15
ORphpphpMatch3.0.16
ORphpphpMatch3.0.17
ORphpphpMatch3.0.18
ORphpphpMatch4.0beta_4_patch1
ORphpphpMatch4.0beta1
ORphpphpMatch4.0beta2
ORphpphpMatch4.0beta3
ORphpphpMatch4.0beta4
ORphpphpMatch4.0.0
ORphpphpMatch4.0.1
ORphpphpMatch4.0.2
ORphpphpMatch4.0.3
ORphpphpMatch4.0.4
ORphpphpMatch4.0.5
ORphpphpMatch4.0.6
ORphpphpMatch4.0.7
ORphpphpMatch4.1.0
ORphpphpMatch4.1.1
ORphpphpMatch4.1.2
ORphpphpMatch4.2.0
ORphpphpMatch4.2.1
ORphpphpMatch4.2.2
ORphpphpMatch4.2.3
ORphpphpMatch4.3.0
ORphpphpMatch4.3.1
ORphpphpMatch4.3.2
ORphpphpMatch4.3.3
ORphpphpMatch4.3.4
ORphpphpMatch4.3.5
ORphpphpMatch4.3.6
ORphpphpMatch4.3.7
ORphpphpMatch4.3.8
ORphpphpMatch4.3.9
ORphpphpMatch4.3.10
ORphpphpMatch4.3.11
ORphpphpMatch4.4.0
ORphpphpMatch4.4.1
ORphpphpMatch4.4.2
ORphpphpMatch4.4.3
ORphpphpMatch4.4.4
ORphpphpMatch4.4.5
ORphpphpMatch4.4.6
ORphpphpMatch4.4.7
ORphpphpMatch4.4.8
ORphpphpMatch4.4.9
ORphpphpMatch5.0.0
ORphpphpMatch5.0.0beta1
ORphpphpMatch5.0.0beta2
ORphpphpMatch5.0.0beta3
ORphpphpMatch5.0.0beta4
ORphpphpMatch5.0.0rc1
ORphpphpMatch5.0.0rc2
ORphpphpMatch5.0.0rc3
ORphpphpMatch5.0.1
ORphpphpMatch5.0.2
ORphpphpMatch5.0.3
ORphpphpMatch5.0.4
ORphpphpMatch5.0.5
ORphpphpMatch5.1.0
ORphpphpMatch5.1.1
ORphpphpMatch5.1.2
ORphpphpMatch5.1.3
ORphpphpMatch5.1.4
ORphpphpMatch5.1.5
ORphpphpMatch5.1.6
ORphpphpMatch5.2.0
ORphpphpMatch5.2.1
ORphpphpMatch5.2.2
ORphpphpMatch5.2.3
ORphpphpMatch5.2.4
ORphpphpMatch5.2.5
ORphpphpMatch5.2.6
ORphpphpMatch5.2.7
ORphpphpMatch5.2.8
ORphpphpMatch5.2.9
ORphpphpMatch5.2.10
ORphpphpMatch5.2.11
ORphpphpMatch5.2.12
ORphpphpMatch5.2.13
Node
phpphpMatch5.3.0
ORphpphpMatch5.3.1
ORphpphpMatch5.3.2
ORphpphpMatch5.3.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| php | php | 5.0.0 | cpe:/a:php:php:5.0.0:beta1:: |
| php | php | 5.1.2 | cpe:/a:php:php:5.1.2::: |
| php | php | 3.0.4 | cpe:/a:php:php:3.0.4::: |
| php | php | 3.0.17 | cpe:/a:php:php:3.0.17::: |
| php | php | 3.0.10 | cpe:/a:php:php:3.0.10::: |
| php | php | 4.0.5 | cpe:/a:php:php:4.0.5::: |
| php | php | 3.0 | cpe:/a:php:php:3.0::: |
| php | php | 5.1.0 | cpe:/a:php:php:5.1.0::: |
| php | php | 5.1.3 | cpe:/a:php:php:5.1.3::: |
| php | php | 4.1.2 | cpe:/a:php:php:4.1.2::: |
Related
cvelist
cvelist
CVE-2010-4697
2011-01-18 19:00:00
seebug
seebug
PHP ZendεΌζιζΎειη¨ε η ΄εζΌζ΄(CVE-2010-4697)
2012-04-12 00:00:00
nvd
nvd
CVE-2010-4697
2011-01-18 20:00:10
ubuntucve
ubuntucve
CVE-2010-4697
2011-01-18 00:00:00
prion
prion
Design/Logic Flaw
2011-01-18 20:00:00
openvas
openvas
PHP Zend and GD Multiple Denial of Service Vulnerabilities
2011-02-01 00:00:00
PHP 5.2 < 5.2.15 Multiple Vulnerabilities
2012-06-21 00:00:00
Ubuntu: Security Advisory (USN-1126-2)
2011-05-10 00:00:00
nessus
nessus
PHP 5.2.x < 5.2.15 Multiple Vulnerabilities
2010-12-13 00:00:00
PHP 5.2 < 5.2.15 Multiple Vulnerabilities
2010-12-13 00:00:00
PHP 5.2.x < 5.2.15 Multiple Vulnerabilities
2010-12-13 00:00:00
f5
f5
K13519 : Multiple PHP vulnerabilities
2013-09-20 00:00:00
SOL13519 - Multiple PHP vulnerabilities
2012-04-04 00:00:00
debian
debian
[SECURITY] [DSA 2408-1] php5 security update
2012-02-13 18:15:24
osv
osv
php5 - several
2012-02-13 00:00:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2011-05-01 00:00:00
[USN-1126-1] PHP vulnerabilities
2011-05-01 00:00:00
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities
2011-10-12 00:00:00
ubuntu
ubuntu
PHP Regressions
2011-05-05 00:00:00
PHP vulnerabilities
2011-04-29 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
9.3
Confidence
High
EPSS
0.009
Percentile
82.4%
Related for CVE-2010-4697