The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html | Mailing List |
http://php-security.org/2010/05/02/mops-2010-003-php-dechunk-filter-signed-comparison-vulnerability/index.html | Broken Link Exploit |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
08 Feb 2024, 18:38
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-190 | |
References | () http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html - Mailing List | |
References | () http://php-security.org/2010/05/02/mops-2010-003-php-dechunk-filter-signed-comparison-vulnerability/index.html - Broken Link, Exploit | |
First Time |
Suse linux Enterprise
Suse Opensuse opensuse Opensuse |
|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:* |
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:* cpe:2.3:a:php:php:*:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:11.0:sp1:*:*:*:*:*:* |
Information
Published : 2010-05-07 23:00
Updated : 2024-02-08 18:38
NVD link : CVE-2010-1866
Mitre link : CVE-2010-1866
CVE.ORG link : CVE-2010-1866
JSON object : View
Products Affected
suse
- linux_enterprise
php
- php
opensuse
- opensuse
CWE
CWE-190
Integer Overflow or Wraparound