PHP » PHP : Security Vulnerabilities Published In 2010 (Denial Of Service)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2010-4409 |
189 |
1
|
DoS Overflow |
2010-12-06 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument. |
2 |
CVE-2010-4150 |
399 |
|
DoS Exec Code Mem. Corr. |
2010-12-07 |
2017-09-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. |
3 |
CVE-2010-3710 |
399 |
|
DoS |
2010-10-25 |
2016-08-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string. |
4 |
CVE-2010-3709 |
20 |
1
|
DoS |
2010-11-09 |
2016-08-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive. |
5 |
CVE-2010-3064 |
119 |
|
DoS Exec Code Overflow |
2010-08-20 |
2010-12-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function. |
6 |
CVE-2010-2093 |
399 |
|
DoS |
2010-05-27 |
2010-12-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 before 5.3.2 allows context-dependent attackers to cause a denial of service (crash) via a stream context structure that is freed before destruction occurs. |
7 |
CVE-2010-1917 |
399 |
|
DoS |
2010-05-12 |
2017-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string. |
8 |
CVE-2010-1866 |
189 |
|
DoS Overflow Mem. Corr. Bypass |
2010-05-07 |
2010-09-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder. |
9 |
CVE-2010-0397 |
|
|
DoS |
2010-03-16 |
2010-12-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. |
Total number of vulnerabilities :
9
Page :
1
(This Page)