Lucene search

K
cve[email protected]CVE-2011-1092
HistoryMar 15, 2011 - 5:55 p.m.

CVE-2011-1092

2011-03-1517:55:00
CWE-189
web.nvd.nist.gov
114
2
cve-2011-1092
integer overflow
php
ext/shmop
denial of service
dos
sensitive memory read

6.5 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

90.4%

Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.

References

Social References

More

6.5 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

90.4%