Lucene search
Ubuntu.comUB:CVE-2010-0397HistoryMar 16, 2010 - 12:00 a.m.
CVE-2010-0397
2010-03-1600:00:00
ubuntu.com
ubuntu.com
16
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.026 Low
EPSS
Percentile
90.2%
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing
methodName element in the first argument to the xmlrpc_decode_request
function, which allows context-dependent attackers to cause a denial of
service (NULL pointer dereference and application crash) and possibly have
unspecified other impact via a crafted argument.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573>
- <http://bugs.php.net/bug.php?id=51288>
Notes
| Author | Note |
|---|---|
| mdeslaur | reproducer in debian bug |
Related
openvas
openvas
Mandriva Update for drakconf MDVA-2010:068 (drakconf)
2010-02-19 00:00:00
Mandriva Update for drakconf MDVA-2010:068 (drakconf)
2010-02-19 00:00:00
Debian: Security Advisory (DSA-2018-1)
2023-03-08 00:00:00
seebug
seebug
PHP xmlrpcζ©ε±η©ΊζιεΌη¨ζη»ζε‘ζΌζ΄
2010-03-19 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : php (MDVSA-2010:068)
2010-03-29 00:00:00
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0255-1)
2010-05-18 00:00:00
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0255-2)
2010-05-18 00:00:00
prion
prion
Null pointer dereference
2010-03-16 19:30:00
cve
cve
CVE-2010-0397
2010-03-16 19:30:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:57
f5
f5
SOL12156 - PHP xmlrpc vulnerability - CVE-2010-0397
2010-10-14 00:00:00
K12156 : PHP xmlrpc vulnerability - CVE-2010-0397
2013-07-03 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA-2018-1] New php5 packages fix null pointer dereference
2010-03-21 00:00:00
PHP DoS
2010-03-21 00:00:00
[USN-989-1] PHP vulnerabilities
2010-09-27 00:00:00
osv
osv
php5 - null pointer dereference
2010-03-18 00:00:00
debian
debian
[SECURITY] [DSA-2018-1] New php5 packages fix null pointer dereference
2010-03-18 16:38:27
fedora
fedora
[SECURITY] Fedora 12 Update: php-5.3.3-1.fc12
2010-08-23 22:08:06
[SECURITY] Fedora 13 Update: maniadrive-1.2-22.fc13
2010-08-23 22:00:56
[SECURITY] Fedora 13 Update: php-eaccelerator-0.9.6.1-2.fc13
2010-08-23 22:00:56
oraclelinux
oraclelinux
php security update
2010-11-29 00:00:00
centos
centos
php security update
2010-11-30 12:21:14
redhat
redhat
(RHSA-2010:0919) Moderate: php security update
2010-11-29 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2010-09-20 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.026 Low
EPSS
Percentile
90.2%
Related for UB:CVE-2010-0397