CVE-2010-3710

Name of the Vulnerable Software and Affected Versions PHP versions 5.2.x through 5.2.14 PHP versions 5.3.x through 5.3.3

Description A stack consumption issue in the filter var function, when FILTER VALIDATE EMAIL mode is used, allows remote attackers to cause a denial of service by consuming memory and crashing the application via a long e-mail address string.

Recommendations For PHP versions 5.2.x through 5.2.14, consider upgrading to a version outside of this range to mitigate the risk. For PHP versions 5.3.x through 5.3.3, consider upgrading to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting the use of the filter var function with FILTER VALIDATE EMAIL mode until a patch is available.