CVE-2011-1464

2011-03-1900:00:00

ubuntu.com

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.022 Low

EPSS

Percentile

89.4%

JSON

Buffer overflow in the strval function in PHP before 5.3.6, when the
precision configuration option has a large value, might allow
context-dependent attackers to cause a denial of service (application
crash) via a small numerical value in the argument.

Bugs

<http://bugs.php.net/bug.php?id=54055>

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchphp5< 5.1.2-1ubuntu3.22UNKNOWN
ubuntu8.04noarchphp5< 5.2.4-2ubuntu5.15UNKNOWN
ubuntu9.10noarchphp5< 5.2.10.dfsg.1-2ubuntu6.9UNKNOWN
ubuntu10.04noarchphp5< 5.3.2-1ubuntu4.8UNKNOWN
ubuntu10.10noarchphp5< 5.3.3-1ubuntu9.4UNKNOWN
ubuntu11.04noarchphp5< 5.3.5-1ubuntu7.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	php5	< 5.1.2-1ubuntu3.22	UNKNOWN
ubuntu	8.04	noarch	php5	< 5.2.4-2ubuntu5.15	UNKNOWN
ubuntu	9.10	noarch	php5	< 5.2.10.dfsg.1-2ubuntu6.9	UNKNOWN
ubuntu	10.04	noarch	php5	< 5.3.2-1ubuntu4.8	UNKNOWN
ubuntu	10.10	noarch	php5	< 5.3.3-1ubuntu9.4	UNKNOWN
ubuntu	11.04	noarch	php5	< 5.3.5-1ubuntu7.1	UNKNOWN