PHP 5.3.x 'Intl' Extension remote denial-of-service vulnerabilit
Reporter | Title | Published | Views | Family All 48 |
---|---|---|---|---|
seebug.org | PHP "Intl"扩展"NumberFormatter::setSymbol()"函数拒绝服务漏洞 | 27 Mar 201100:00 | – | seebug |
Prion | Design/Logic Flaw | 20 Mar 201102:00 | – | prion |
Cvelist | CVE-2011-1467 | 20 Mar 201101:00 | – | cvelist |
CVE | CVE-2011-1467 | 20 Mar 201102:00 | – | cve |
NVD | CVE-2011-1467 | 20 Mar 201102:00 | – | nvd |
UbuntuCve | CVE-2011-1467 | 19 Mar 201100:00 | – | ubuntucve |
Tenable Nessus | SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7554) | 17 Jun 201100:00 | – | nessus |
Tenable Nessus | SuSE 11.1 Security Update : PHP5 (SAT Patch Number 4663) | 17 Jun 201100:00 | – | nessus |
Tenable Nessus | openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0645-1) | 13 Jun 201400:00 | – | nessus |
Tenable Nessus | SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7553) | 13 Dec 201100:00 | – | nessus |
source: https://www.securityfocus.com/bid/46968/info
PHP is prone to a remote denial-of-service vulnerability that affects the 'Intl' extension.
Successful attacks will cause the application to crash, creating a denial-of-service condition. Due to the nature of this issue, arbitrary code-execution may be possible; however, this has not been confirmed.
PHP versions prior to 5.3.6 are vulnerable.
numfmt_set_symbol(numfmt_create("en", NumberFormatter::PATTERN_DECIMAL), 2147483648, "")
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo