Published: 07/05/2010 Updated: 08/02/2024

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The dechunk filter in PHP 5.3 up to and including 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent malicious users to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php php
opensuse opensuse 11.1
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux enterprise 11.0
suse linux enterprise 10.0

Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests An attacker could exploit this issue to cause the PHP server to crash, resulting in a denial of service This issue only affected Ubuntu 606 LTS, 804 LTS, 904 and 910 (CVE-2010-0397) ...

source: wwwsecurityfocuscom/bid/39877/info PHP is prone to a remote integer-overflow vulnerability An attacker can exploit this issue to execute arbitrary code in the context of the PHP process Failed exploit attempts will result in a denial-of-service condition PHP 530 through 532 are vulnerable; other versions may also be affec ...

CWE-190 http://php-security.org/2010/05/02/mops-2010-003-php-dechunk-filter-signed-comparison-vulnerability/index.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html https://usn.ubuntu.com/989-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/33920/

CVE-2010-1866

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect