Published: 25/08/2011 Updated: 09/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent malicious users to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php php 5.3.6

Several security issues were fixed in PHP ...

Several vulnerabilities have been discovered in PHP, the web scripting language The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1072 It was discovered that insecure handling of temporary files in the PEAR installer could lead to denial of service CVE-2011-4153 Maksymilian Arciemowicz discovered ...

CWE-399 http://www.openwall.com/lists/oss-security/2011/07/01/8 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log http://www.openwall.com/lists/oss-security/2011/07/01/6 https://bugs.php.net/bug.php?id=54681 http://securityreason.com/achievement_securityalert/100 http://svn.php.net/viewvc/?view=revision&revision=310814 http://www.securityfocus.com/bid/49252 http://www.openwall.com/lists/oss-security/2011/07/01/7 http://securityreason.com/securityalert/8342 http://www.mandriva.com/security/advisories?name=MDVSA-2011:165 http://support.apple.com/kb/HT5130 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html https://exchange.xforce.ibmcloud.com/vulnerabilities/69320 http://www.securityfocus.com/archive/1/519385/100/0/threaded https://nvd.nist.gov https://usn.ubuntu.com/1231-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-1657

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect