CVE-2011-0421

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.3.6

Description The issue is related to the zip name locate function in the Zip extension, which does not properly handle a ZIPARCHIVE::FL UNCHANGED argument. This might allow attackers to cause a denial of service via an empty ZIP archive that is processed with a locateName or statName operation. The vulnerability is associated with a NULL pointer dereference, which can be exploited by a remote attacker to cause a denial of service.

Recommendations For PHP versions prior to 5.3.6, update to version 5.3.6 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the ZIPARCHIVE::FL UNCHANGED argument in the zip name locate function until a patch is available. Restrict access to the Zip extension to minimize the risk of exploitation.