Lucene search
Ubuntu.comUB:CVE-2011-1657HistoryAug 25, 2011 - 12:00 a.m.
CVE-2011-1657
2011-08-2500:00:00
ubuntu.com
ubuntu.com
11
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.018 Low
EPSS
Percentile
88.2%
The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in
ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a
denial of service (application crash) via certain flags arguments, as
demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND.
Bugs
Notes
| Author | Note |
|---|---|
| sbeattie | 5.3 only, php 5.2.x does not support glob patterns |
Related
prion
prion
Design/Logic Flaw
2011-08-25 14:22:00
cve
cve
CVE-2011-1657
2011-08-25 14:22:00
nessus
nessus
PHP 5.3 < 5.3.7 Multiple Vulnerabilities
2011-08-23 00:00:00
PHP 5.3.x < 5.3.7 Multiple Vulnerabilities
2011-08-23 00:00:00
PHP 5.3 < 5.3.7 Multiple Vulnerabilities
2011-08-22 00:00:00
openvas
openvas
PHP Multiple Vulnerabilities - Sep11 (Windows)
2011-09-07 00:00:00
Ubuntu Update for php5 USN-1231-1
2011-10-21 00:00:00
Ubuntu Update for php5 USN-1231-1
2011-10-21 00:00:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2011-08-27 00:00:00
[ MDVSA-2012:071 ] php
2012-05-14 00:00:00
Apple OS X multiple security vulnerabilities
2012-02-03 00:00:00
ubuntu
ubuntu
PHP Vulnerabilities
2011-10-18 00:00:00
osv
osv
php5 - several
2012-02-13 00:00:00
debian
debian
[SECURITY] [DSA 2408-1] php5 security update
2012-02-13 18:15:24
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.018 Low
EPSS
Percentile
88.2%
Related for UB:CVE-2011-1657