Lucene search

[email protected]NVD:CVE-2010-4409

HistoryDec 06, 2010 - 8:13 p.m.

CVE-2010-4409

2010-12-0620:13:00

CWE-189

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

9.2 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.0%

JSON

Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.

Affected configurations

NVD

Node

phpphpRange≤5.3.3

phpphpMatch1.0

phpphpMatch2.0

phpphpMatch2.0b10

phpphpMatch3.0

phpphpMatch3.0.1

phpphpMatch3.0.2

phpphpMatch3.0.3

phpphpMatch3.0.4

phpphpMatch3.0.5

phpphpMatch3.0.6

phpphpMatch3.0.7

phpphpMatch3.0.8

phpphpMatch3.0.9

phpphpMatch3.0.10

phpphpMatch3.0.11

phpphpMatch3.0.12

phpphpMatch3.0.13

phpphpMatch3.0.14

phpphpMatch3.0.15

phpphpMatch3.0.16

phpphpMatch3.0.17

phpphpMatch3.0.18

phpphpMatch4.0

phpphpMatch4.0beta_4_patch1

phpphpMatch4.0beta1

phpphpMatch4.0beta2

phpphpMatch4.0beta3

phpphpMatch4.0beta4

phpphpMatch4.0.0

phpphpMatch4.0.1

phpphpMatch4.0.2

phpphpMatch4.0.3

phpphpMatch4.0.4

phpphpMatch4.0.5

phpphpMatch4.0.6

phpphpMatch4.0.7

phpphpMatch4.1.0

phpphpMatch4.1.1

phpphpMatch4.1.2

phpphpMatch4.2.0

phpphpMatch4.2.1

phpphpMatch4.2.2

phpphpMatch4.2.3

phpphpMatch4.3.0

phpphpMatch4.3.1

phpphpMatch4.3.2

phpphpMatch4.3.3

phpphpMatch4.3.4

phpphpMatch4.3.5

phpphpMatch4.3.6

phpphpMatch4.3.7

phpphpMatch4.3.8

phpphpMatch4.3.9

phpphpMatch4.3.10

phpphpMatch4.3.11

phpphpMatch4.4.0

phpphpMatch4.4.1

phpphpMatch4.4.2

phpphpMatch4.4.3

phpphpMatch4.4.4

phpphpMatch4.4.5

phpphpMatch4.4.6

phpphpMatch4.4.7

phpphpMatch4.4.8

phpphpMatch4.4.9

phpphpMatch5.3.0

phpphpMatch5.3.1

phpphpMatch5.3.2

References

lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html

lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html

lists.opensuse.org/opensuse-updates/2012-01/msg00035.html

secunia.com/advisories/42812

secunia.com/advisories/47674

support.apple.com/kb/HT4581

svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.c?r1=305571&r2=305570&pathrev=305571

svn.php.net/viewvc?view=revision&revision=305571

www.exploit-db.com/exploits/15722

www.kb.cert.org/vuls/id/479900

www.mandriva.com/security/advisories?name=MDVSA-2010:254

www.mandriva.com/security/advisories?name=MDVSA-2010:255

www.php.net/ChangeLog-5.php

www.securityfocus.com/archive/1/515142/100/0/threaded

www.securityfocus.com/bid/45119

www.ubuntu.com/usn/USN-1042-1

www.vupen.com/english/advisories/2011/0020

www.vupen.com/english/advisories/2011/0021

www.vupen.com/english/advisories/2011/0077

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

9.2 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.0%

JSON

Related for NVD:CVE-2010-4409

securityvulns6 ubuntucve2 openvas32 seebug1 cvelist2 packetstorm1 prion2 nessus18 exploitpack1 cve2 exploitdb1 nvd1 ubuntu1 fedora6 gentoo1