10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.037 Low
EPSS
Percentile
91.7%
SecurityFocus reports:
PHP is prone to a buffer-overflow vulnerability because it fails to
perform boundary checks before copying user-supplied data to
insufficiently sized memory buffers. The issue affects the βmbstringβ
extension included in the standard distribution.
An attacker can exploit this issue to execute arbitrary machine
code in the context of the affected webserver. Failed exploit attempts
will likely crash the webserver, denying service to legitimate
users.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | php4-mbstring | <Β 4.4.9 | UNKNOWN |
FreeBSD | any | noarch | php5-mbstring | <Β 5.2.9 | UNKNOWN |