Lucene search

K

[email protected]NVD:CVE-2010-4698

HistoryJan 18, 2011 - 8:00 p.m.

CVE-2010-4698

2011-01-1820:00:10

CWE-119

[email protected]

web.nvd.nist.gov

1

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

9.3 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function.

Affected configurations

NVD

Node

phpphpMatch5.2.0

OR

phpphpMatch5.2.1

OR

phpphpMatch5.2.2

OR

phpphpMatch5.2.3

OR

phpphpMatch5.2.4

OR

phpphpMatch5.2.10

OR

phpphpMatch5.2.11

OR

phpphpMatch5.2.12

OR

phpphpMatch5.2.13

OR

phpphpMatch5.2.14

OR

phpphpMatch5.3.0

OR

phpphpMatch5.3.1

OR

phpphpMatch5.3.2

OR

phpphpMatch5.3.3

References

bugs.php.net/53492

marc.info/?l=bugtraq&m=133469208622507&w=2

seclists.org/fulldisclosure/2010/Dec/180

www.php.net/ChangeLog-5.php

www.securityfocus.com/bid/45338

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11939

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

9.3 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

Related for NVD:CVE-2010-4698

cve1 prion1 ubuntucve1 cvelist1 openvas10 nessus14 securityvulns3 ubuntu2 f52 gentoo1