PT-2011-4295 · Php+1 · Php+1

Josh Bressers

Publicado

2011-08-25

Atualizado

2017-08-29

CVE-2011-3182

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.3.7

Description The issue allows context-dependent attackers to cause a denial of service or trigger a buffer overflow by providing an arbitrary value for a function argument. This is related to multiple files, including ext/curl/interface.c, ext/date/lib/parse date.c, ext/date/lib/parse iso intervals.c, ext/date/lib/parse tz.c, ext/date/lib/timelib.c, ext/pdo odbc/pdo odbc.c, ext/reflection/php reflection.c, ext/soap/php sdl.c, ext/xmlrpc/libxmlrpc/base64.c, TSRM/tsrm win32.c, and the strtotime function.

Recommendations For PHP versions prior to 5.3.7, update to version 5.3.7 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2011-3182

DSA-2408-1

Produtos afetados

Php

Suse

PT-2011-4295 · Php+1 · Php+1

CVE-2011-3182

Identificadores relacionados

Produtos afetados

Referências · 12