Lucene search

[email protected]CVE-2011-1092

HistoryMar 15, 2011 - 5:55 p.m.

CVE-2011-1092

2011-03-1517:55:04

CWE-189

[email protected]

web.nvd.nist.gov

128

cve-2011-1092

integer overflow

php

ext/shmop

denial of service

dos

sensitive memory read

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

High

EPSS

0.028

Percentile

90.6%

JSON

Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.

Affected configurations

NVD

Node

phpphpRange≤5.3.5

phpphpMatch1.0

phpphpMatch2.0

phpphpMatch2.0b10

phpphpMatch3.0

phpphpMatch3.0.1

phpphpMatch3.0.2

phpphpMatch3.0.3

phpphpMatch3.0.4

phpphpMatch3.0.5

phpphpMatch3.0.6

phpphpMatch3.0.7

phpphpMatch3.0.8

phpphpMatch3.0.9

phpphpMatch3.0.10

phpphpMatch3.0.11

phpphpMatch3.0.12

phpphpMatch3.0.13

phpphpMatch3.0.14

phpphpMatch3.0.15

phpphpMatch3.0.16

phpphpMatch3.0.17

phpphpMatch3.0.18

phpphpMatch4.0

phpphpMatch4.0beta_4_patch1

phpphpMatch4.0beta1

phpphpMatch4.0beta2

phpphpMatch4.0beta3

phpphpMatch4.0beta4

phpphpMatch4.0.0

phpphpMatch4.0.1

phpphpMatch4.0.2

phpphpMatch4.0.3

phpphpMatch4.0.4

phpphpMatch4.0.5

phpphpMatch4.0.6

phpphpMatch4.0.7

phpphpMatch4.1.0

phpphpMatch4.1.1

phpphpMatch4.1.2

phpphpMatch4.2.0

phpphpMatch4.2.1

phpphpMatch4.2.2

phpphpMatch4.2.3

phpphpMatch4.3.0

phpphpMatch4.3.1

phpphpMatch4.3.2

phpphpMatch4.3.3

phpphpMatch4.3.4

phpphpMatch4.3.5

phpphpMatch4.3.6

phpphpMatch4.3.7

phpphpMatch4.3.8

phpphpMatch4.3.9

phpphpMatch4.3.10

phpphpMatch4.3.11

phpphpMatch4.4.0

phpphpMatch4.4.1

phpphpMatch4.4.2

phpphpMatch4.4.3

phpphpMatch4.4.4

phpphpMatch4.4.5

phpphpMatch4.4.6

phpphpMatch4.4.7

phpphpMatch4.4.8

phpphpMatch4.4.9

phpphpMatch5.0.0

phpphpMatch5.0.0beta1

phpphpMatch5.0.0beta2

phpphpMatch5.0.0beta3

phpphpMatch5.0.0beta4

phpphpMatch5.0.0rc1

phpphpMatch5.0.0rc2

phpphpMatch5.0.0rc3

phpphpMatch5.0.1

phpphpMatch5.0.2

phpphpMatch5.0.3

phpphpMatch5.0.4

phpphpMatch5.0.5

phpphpMatch5.1.0

phpphpMatch5.1.1

phpphpMatch5.1.2

phpphpMatch5.1.3

phpphpMatch5.1.4

phpphpMatch5.1.5

phpphpMatch5.1.6

phpphpMatch5.2.0

phpphpMatch5.2.1

phpphpMatch5.2.2

phpphpMatch5.2.3

phpphpMatch5.2.4

phpphpMatch5.2.4windows

phpphpMatch5.2.5

phpphpMatch5.2.6

phpphpMatch5.2.7

phpphpMatch5.2.8

phpphpMatch5.2.9

phpphpMatch5.2.10

phpphpMatch5.2.11

phpphpMatch5.2.12

phpphpMatch5.2.13

phpphpMatch5.2.14

phpphpMatch5.2.15

phpphpMatch5.2.16

phpphpMatch5.2.17

phpphpMatch5.3.0

phpphpMatch5.3.1

phpphpMatch5.3.2

phpphpMatch5.3.3

phpphpMatch5.3.4

VendorProductVersionCPE
phpphp4.3.3cpe:/a:php:php:4.3.3:::
phpphp4.0.2cpe:/a:php:php:4.0.2:::
phpphp3.0.3cpe:/a:php:php:3.0.3:::
phpphp5.2.16cpe:/a:php:php:5.2.16:::
phpphp4.3.9cpe:/a:php:php:4.3.9:::
phpphp4.4.0cpe:/a:php:php:4.4.0:::
phpphp5.1.0cpe:/a:php:php:5.1.0:::
phpphp1.0cpe:/a:php:php:1.0:::
phpphp5.0.0cpe:/a:php:php:5.0.0:rc1::
phpphp4.0cpe:/a:php:php:4.0:::

Vendor	Product	Version	CPE
php	php	4.3.3	cpe:/a:php:php:4.3.3:::
php	php	4.0.2	cpe:/a:php:php:4.0.2:::
php	php	3.0.3	cpe:/a:php:php:3.0.3:::
php	php	5.2.16	cpe:/a:php:php:5.2.16:::
php	php	4.3.9	cpe:/a:php:php:4.3.9:::
php	php	4.4.0	cpe:/a:php:php:4.4.0:::
php	php	5.1.0	cpe:/a:php:php:5.1.0:::
php	php	1.0	cpe:/a:php:php:1.0:::
php	php	5.0.0	cpe:/a:php:php:5.0.0:rc1::
php	php	4.0	cpe:/a:php:php:4.0:::