Published: 20/03/2011 Updated: 30/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Buffer overflow in the strval function in PHP prior to 5.3.6, when the precision configuration option has a large value, might allow context-dependent malicious users to cause a denial of service (application crash) via a small numerical value in the argument.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php php 5.3.0
php php 4.0.3
php php 4.0.4
php php 4.0
php php 4.1.0
php php 4.2.2
php php 4.2.3
php php 4.3.2
php php 4.3.3
php php 4.3.4
php php 4.4.1
php php 4.4.2
php php 4.4.9
php php 3.0.11
php php 3.0.4
php php 3.0.3
php php 3.0.8
php php 3.0.5
php php 5.2.10
php php 5.2.13
php php 5.2.14
php php 5.2.1
php php 5.1.3
php php 5.1.2
php php 5.0.4
php php 5.0.3
php php 5.0.0
php php 4.0.0
php php 4.2.0
php php 4.3.1
php php 4.3.7
php php 4.3.8
php php 4.4.5
php php 4.4.6
php php 3.0.12
php php 3.0.1
php php 3.0.17
php php 3.0.16
php php 2.0
php php 1.0
php php 5.2.0
php php 5.2.4
php php 5.2.15
php php 5.2.16
php php 5.1.6
php php 5.1.4
php php 5.0.2
php php 5.3.4
php php
php php 5.3.1
php php 5.3.2
php php 4.0.5
php php 4.0.6
php php 4.0.7
php php 4.1.1
php php 4.1.2
php php 4.3.0
php php 4.3.5
php php 4.3.6
php php 4.4.3
php php 4.4.4
php php 3.0.10
php php 3.0.13
php php 3.0.15
php php 3.0.14
php php 3.0.6
php php 2.0b10
php php 5.2.11
php php 5.2.5
php php 5.2.2
php php 5.2.17
php php 5.1.1
php php 5.1.0
php php 5.3.3
php php 4.0.1
php php 4.0.2
php php 4.2.1
php php 4.3.10
php php 4.3.11
php php 4.3.9
php php 4.4.0
php php 4.4.7
php php 4.4.8
php php 3.0
php php 3.0.2
php php 3.0.18
php php 3.0.9
php php 3.0.7
php php 5.2.9
php php 5.2.12
php php 5.2.6
php php 5.2.8
php php 5.2.3
php php 5.2.7
php php 5.1.5
php php 5.0.5
php php 5.0.1

Several vulnerabilities have been discovered in PHP, the web scripting language The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1072 It was discovered that insecure handling of temporary files in the PEAR installer could lead to denial of service CVE-2011-4153 Maksymilian Arciemowicz discovered ...

USN 1126-1 introduced two regressions in PHP ...

Multiple vulnerabilities in PHP ...

CWE-119 http://www.php.net/ChangeLog-5.php http://bugs.php.net/bug.php?id=54055 http://www.php.net/archive/2011.php http://www.php.net/releases/5_3_6.php http://www.mandriva.com/security/advisories?name=MDVSA-2011:052 http://www.mandriva.com/security/advisories?name=MDVSA-2011:053 http://www.vupen.com/english/advisories/2011/0744 http://marc.info/?l=bugtraq&m=133469208622507&w=2 https://nvd.nist.gov https://www.debian.org/security/./dsa-2408 https://usn.ubuntu.com/1126-2/

Get Started

CVE-2011-1464

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect