CVE-2010-1917

🗓️ 12 May 2010 00:00:00Reported by mitreType

Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string

Reporter	Title	Published	Views	Family All 82
Tenable Nessus	CentOS 4 / 5 : php (CESA-2010:0919)	2 Dec 201000:00	–	nessus
Tenable Nessus	Debian DSA-2089-1 : php5 - several vulnerabilities	23 Aug 201000:00	–	nessus
Tenable Nessus	F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)	28 Nov 201400:00	–	nessus
Tenable Nessus	Fedora 12 : maniadrive-1.2-22.fc12 / php-5.3.3-1.fc12 / php-eaccelerator-0.9.6.1-2.fc12 (2010-11428)	24 Aug 201000:00	–	nessus
Tenable Nessus	Fedora 13 : maniadrive-1.2-22.fc13 / php-5.3.3-1.fc13 / php-eaccelerator-0.9.6.1-2.fc13 (2010-11481)	24 Aug 201000:00	–	nessus
Tenable Nessus	GLSA-201110-06 : PHP: Multiple vulnerabilities	12 Oct 201100:00	–	nessus
Tenable Nessus	HP System Management Homepage < 6.3 Multiple Vulnerabilities	22 Apr 201100:00	–	nessus
Tenable Nessus	MiracleLinux 3 : php-5.1.6-27.3.0.1.AXS3 (AXSA:2010-502:05)	14 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 5 : php (ELSA-2010-0919)	12 Jul 201300:00	–	nessus
Tenable Nessus	PHP 5.3 < 5.3.3 Multiple Vulnerabilities	4 Aug 201000:00	–	nessus

Source	Link
php-security	www.php-security.org/2010/05/11/mops-2010-021-php-fnmatch-stack-exhaustion-vulnerability/index.html
lists	www.lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
redhat	www.redhat.com/support/errata/RHSA-2010-0919.html
secunia	www.secunia.com/advisories/40860
lists	www.lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/58585
debian	www.debian.org/security/2010/dsa-2089
marc	www.marc.info/
vupen	www.vupen.com/english/advisories/2010/3081
secunia	www.secunia.com/advisories/42410

16 Aug 2017 14:57Current

9High risk

Vulners AI Score9

EPSS0.01661