Vulnerability-Lookup

CVE-2010-4645 (GCVE-0-2010-4645)

Vulnerability from cvelistv5 – Published: 2011-01-11 01:00 – Updated: 2025-02-13 16:27

Summary

strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0077	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/45668	vdb-entryx_refsource_BID
	http://marc.info/?l=bugtraq&m=133226187115472&w=2	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/42812	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisoryx_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2011-01…	vendor-advisoryx_refsource_REDHAT
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/01/05/8	mailing-listx_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2011-01…	vendor-advisoryx_refsource_REDHAT
	http://bugs.php.net/53632	x_refsource_CONFIRM
	http://hal.archives-ouvertes.fr/docs/00/28/14/29/…	x_refsource_MISC
	http://www.exploringbinary.com/php-hangs-on-numer…	x_refsource_MISC
	http://www.vupen.com/english/advisories/2011/0198	vdb-entryx_refsource_VUPEN
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://www.vupen.com/english/advisories/2011/0066	vdb-entryx_refsource_VUPEN
	http://www.ubuntu.com/usn/USN-1042-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.apple.com/archives/Security-announce…	vendor-advisoryx_refsource_APPLE
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/42843	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0060	vdb-entryx_refsource_VUPEN
	http://support.apple.com/kb/HT5002	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/43189	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/43051	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/01/05/2	mailing-listx_refsource_MLIST
	http://svn.php.net/viewvc/php/php-src/branches/PH…	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2011/01/06/5	mailing-listx_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2023/05/14/3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:51:17.956Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0077"
          },
          {
            "name": "45668",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45668"
          },
          {
            "name": "HPSBMU02752",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133226187115472\u0026w=2"
          },
          {
            "name": "42812",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42812"
          },
          {
            "name": "HPSBOV02763",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
          },
          {
            "name": "RHSA-2011:0196",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0196.html"
          },
          {
            "name": "FEDORA-2011-0321",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html"
          },
          {
            "name": "[oss-security] 20110105 Re: possible flaw in widely used strtod.c implementation",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/01/05/8"
          },
          {
            "name": "RHSA-2011:0195",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0195.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.php.net/53632"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/"
          },
          {
            "name": "ADV-2011-0198",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0198"
          },
          {
            "name": "SSA:2011-010-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.484686"
          },
          {
            "name": "ADV-2011-0066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0066"
          },
          {
            "name": "USN-1042-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1042-1"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "FEDORA-2011-0329",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html"
          },
          {
            "name": "42843",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42843"
          },
          {
            "name": "ADV-2011-0060",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0060"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "name": "php-zendstrtod-dos(64470)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64470"
          },
          {
            "name": "43189",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43189"
          },
          {
            "name": "43051",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43051"
          },
          {
            "name": "[oss-security] 20110105 possible flaw in widely used strtod.c implementation",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/01/05/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327\u0026r2=307095\u0026pathrev=307095"
          },
          {
            "name": "[oss-security] 20110106 Re: possible flaw in widely used strtod.c implementation",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/01/06/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/05/14/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-01-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-14T23:06:14.118Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "ADV-2011-0077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0077"
        },
        {
          "name": "45668",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/45668"
        },
        {
          "name": "HPSBMU02752",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133226187115472\u0026w=2"
        },
        {
          "name": "42812",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42812"
        },
        {
          "name": "HPSBOV02763",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
        },
        {
          "name": "RHSA-2011:0196",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0196.html"
        },
        {
          "name": "FEDORA-2011-0321",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html"
        },
        {
          "name": "[oss-security] 20110105 Re: possible flaw in widely used strtod.c implementation",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/01/05/8"
        },
        {
          "name": "RHSA-2011:0195",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0195.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.php.net/53632"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/"
        },
        {
          "name": "ADV-2011-0198",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0198"
        },
        {
          "name": "SSA:2011-010-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.484686"
        },
        {
          "name": "ADV-2011-0066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0066"
        },
        {
          "name": "USN-1042-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1042-1"
        },
        {
          "name": "APPLE-SA-2011-10-12-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
        },
        {
          "name": "FEDORA-2011-0329",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html"
        },
        {
          "name": "42843",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42843"
        },
        {
          "name": "ADV-2011-0060",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0060"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5002"
        },
        {
          "name": "php-zendstrtod-dos(64470)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64470"
        },
        {
          "name": "43189",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43189"
        },
        {
          "name": "43051",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43051"
        },
        {
          "name": "[oss-security] 20110105 possible flaw in widely used strtod.c implementation",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/01/05/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327\u0026r2=307095\u0026pathrev=307095"
        },
        {
          "name": "[oss-security] 20110106 Re: possible flaw in widely used strtod.c implementation",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/01/06/5"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/05/14/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-4645",
    "datePublished": "2011-01-11T01:00:00.000Z",
    "dateReserved": "2011-01-03T00:00:00.000Z",
    "dateUpdated": "2025-02-13T16:27:09.666Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2010-4645

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-4645

Aliases

CVE-2010-4645

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-4645",
    "description": "strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.",
    "id": "GSD-2010-4645",
    "references": [
      "https://www.suse.com/security/cve/CVE-2010-4645.html",
      "https://access.redhat.com/errata/RHSA-2011:0196",
      "https://access.redhat.com/errata/RHSA-2011:0195",
      "https://linux.oracle.com/cve/CVE-2010-4645.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-4645"
      ],
      "details": "strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.",
      "id": "GSD-2010-4645",
      "modified": "2023-12-13T01:21:30.057959Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2010-4645",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.vupen.com/english/advisories/2011/0077",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2011/0077"
          },
          {
            "name": "http://www.securityfocus.com/bid/45668",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/45668"
          },
          {
            "name": "http://marc.info/?l=bugtraq\u0026m=133226187115472\u0026w=2",
            "refsource": "MISC",
            "url": "http://marc.info/?l=bugtraq\u0026m=133226187115472\u0026w=2"
          },
          {
            "name": "http://secunia.com/advisories/42812",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/42812"
          },
          {
            "name": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2",
            "refsource": "MISC",
            "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2011-0196.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0196.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2011/01/05/8",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2011/01/05/8"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2011-0195.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0195.html"
          },
          {
            "name": "http://bugs.php.net/53632",
            "refsource": "MISC",
            "url": "http://bugs.php.net/53632"
          },
          {
            "name": "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf",
            "refsource": "MISC",
            "url": "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf"
          },
          {
            "name": "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/",
            "refsource": "MISC",
            "url": "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2011/0198",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2011/0198"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.484686",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.484686"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2011/0066",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2011/0066"
          },
          {
            "name": "http://www.ubuntu.com/usn/USN-1042-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/USN-1042-1"
          },
          {
            "name": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html"
          },
          {
            "name": "http://secunia.com/advisories/42843",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/42843"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2011/0060",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2011/0060"
          },
          {
            "name": "http://support.apple.com/kb/HT5002",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64470",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64470"
          },
          {
            "name": "http://secunia.com/advisories/43189",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/43189"
          },
          {
            "name": "http://secunia.com/advisories/43051",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/43051"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2011/01/05/2",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2011/01/05/2"
          },
          {
            "name": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327\u0026r2=307095\u0026pathrev=307095",
            "refsource": "MISC",
            "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327\u0026r2=307095\u0026pathrev=307095"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2011/01/06/5",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2011/01/06/5"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2023/05/14/3",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2023/05/14/3"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2010-4645"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf",
              "refsource": "MISC",
              "tags": [],
              "url": "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf"
            },
            {
              "name": "45668",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/45668"
            },
            {
              "name": "[oss-security] 20110105 Re: possible flaw in widely used strtod.c implementation",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2011/01/05/8"
            },
            {
              "name": "http://bugs.php.net/53632",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit"
              ],
              "url": "http://bugs.php.net/53632"
            },
            {
              "name": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327\u0026r2=307095\u0026pathrev=307095",
              "refsource": "MISC",
              "tags": [
                "Patch"
              ],
              "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327\u0026r2=307095\u0026pathrev=307095"
            },
            {
              "name": "[oss-security] 20110106 Re: possible flaw in widely used strtod.c implementation",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2011/01/06/5"
            },
            {
              "name": "ADV-2011-0060",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0060"
            },
            {
              "name": "[oss-security] 20110105 possible flaw in widely used strtod.c implementation",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/01/05/2"
            },
            {
              "name": "SSA:2011-010-01",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.484686"
            },
            {
              "name": "42843",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42843"
            },
            {
              "name": "ADV-2011-0066",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0066"
            },
            {
              "name": "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/"
            },
            {
              "name": "42812",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42812"
            },
            {
              "name": "ADV-2011-0077",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0077"
            },
            {
              "name": "USN-1042-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-1042-1"
            },
            {
              "name": "FEDORA-2011-0321",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html"
            },
            {
              "name": "FEDORA-2011-0329",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html"
            },
            {
              "name": "43051",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43051"
            },
            {
              "name": "ADV-2011-0198",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0198"
            },
            {
              "name": "RHSA-2011:0196",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0196.html"
            },
            {
              "name": "43189",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43189"
            },
            {
              "name": "RHSA-2011:0195",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0195.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5002",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT5002"
            },
            {
              "name": "APPLE-SA-2011-10-12-3",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
            },
            {
              "name": "HPSBMU02752",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=133226187115472\u0026w=2"
            },
            {
              "name": "SSRT100826",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
            },
            {
              "name": "php-zendstrtod-dos(64470)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64470"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2023/05/14/3",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2023/05/14/3"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-05-15T00:15Z",
      "publishedDate": "2011-01-11T03:00Z"
    }
  }
}

CERTA-2011-AVI-003

Vulnerability from certfr_avis - Published: 2011-01-07 - Updated: 2011-01-07

Une vulnérabilité dans PHP permettant de provoquer un déni de service à distance a été trouvée.

Description

Une vulnérabilité affectant le traitement de certaines valeurs en virgule flottante dans PHP a été découverte. Elle permet à une personne malintentionnée de provoquer un déni de service à distance au moyen d'une valeur spécifique.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	PHP	PHP	PHP 5.2.16 et les versions antérieures.
	PHP	PHP	PHP 5.3.4 et les versions antérieures ;

References

Title

Publication Time

Tags

Note de mise à jour PHP 5.3.5 et 5.2.17 du 06 janvier 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PHP 5.2.16 et les versions ant\u00e9rieures.",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    },
    {
      "description": "PHP 5.3.4 et les versions ant\u00e9rieures ;",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 affectant le traitement de certaines valeurs en\nvirgule flottante dans PHP a \u00e9t\u00e9 d\u00e9couverte. Elle permet \u00e0 une personne\nmalintentionn\u00e9e de provoquer un d\u00e9ni de service \u00e0 distance au moyen\nd\u0027une valeur sp\u00e9cifique.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4645"
    }
  ],
  "initial_release_date": "2011-01-07T00:00:00",
  "last_revision_date": "2011-01-07T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-003",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-01-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans PHP permettant de provoquer un d\u00e9ni de service \u00e0\ndistance a \u00e9t\u00e9 trouv\u00e9e.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans PHP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Note de mise \u00e0 jour PHP 5.3.5 et 5.2.17 du 06 janvier 2011",
      "url": "http://www.php.net/archive/2011.php#id2011-01-06-1"
    }
  ]
}

CERTA-2012-AVI-219

Vulnerability from certfr_avis - Published: 2012-04-18 - Updated: 2012-04-18

De multiples vulnérabilités ont étés corrigées dans HP OpenVMS. Ces vulnérabilités affectent plusieurs éléments du produit. Elles permettent de contourner des politiques de sécurité, de s'élever des privilèges, d'effectuer des modifications non autorisées, de causer des dénis de service et d'accéder à des informations non permises.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Centreon	Web	HP Secure Web Server (SWS) pour OpenVMS utilisant CSWS_JAVA V3.1 et antérieures ;
Centreon	N/A	HP OpenVMS utilisant V7.3-2 Alpha, V8.3 Alpha/IA64, V8.3-1h1 IA64 et V8.4 Alpha/IA64.
Centreon	N/A	HP Secure Web Server (SWS) pour OpenVMS utilisant PHP V2.2 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité HP c03281867 du 16 avril 2012	None	vendor-advisory
Bulletin de sécurité HP c03281831 du 16 avril 2012	None	vendor-advisory
Bulletin de sécurité HP c03281869 du 16 avril 2012	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP Secure Web Server (SWS) pour OpenVMS utilisant CSWS_JAVA V3.1 et ant\u00e9rieures ;",
      "product": {
        "name": "Web",
        "vendor": {
          "name": "Centreon",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenVMS utilisant V7.3-2 Alpha, V8.3 Alpha/IA64, V8.3-1h1 IA64 et V8.4 Alpha/IA64.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Centreon",
          "scada": false
        }
      }
    },
    {
      "description": "HP Secure Web Server (SWS) pour OpenVMS utilisant PHP V2.2 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Centreon",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-2202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2202"
    },
    {
      "name": "CVE-2010-3870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3870"
    },
    {
      "name": "CVE-2010-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
    },
    {
      "name": "CVE-2010-4697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4697"
    },
    {
      "name": "CVE-2010-3709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3709"
    },
    {
      "name": "CVE-2011-2729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2729"
    },
    {
      "name": "CVE-2011-0421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0421"
    },
    {
      "name": "CVE-2011-3190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3190"
    },
    {
      "name": "CVE-2010-3710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3710"
    },
    {
      "name": "CVE-2010-2100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2100"
    },
    {
      "name": "CVE-2010-2484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2484"
    },
    {
      "name": "CVE-2009-2901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2901"
    },
    {
      "name": "CVE-2010-2531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2531"
    },
    {
      "name": "CVE-2009-2693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2693"
    },
    {
      "name": "CVE-2009-2902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2902"
    },
    {
      "name": "CVE-2010-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4645"
    },
    {
      "name": "CVE-2012-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0134"
    },
    {
      "name": "CVE-2009-0580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0580"
    },
    {
      "name": "CVE-2011-0752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0752"
    },
    {
      "name": "CVE-2009-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
    },
    {
      "name": "CVE-2011-1092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1092"
    },
    {
      "name": "CVE-2010-1864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1864"
    },
    {
      "name": "CVE-2011-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0708"
    },
    {
      "name": "CVE-2011-1184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1184"
    },
    {
      "name": "CVE-2011-2526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2526"
    },
    {
      "name": "CVE-2011-1148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1148"
    },
    {
      "name": "CVE-2009-3548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3548"
    },
    {
      "name": "CVE-2010-2191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2191"
    },
    {
      "name": "CVE-2010-2101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2101"
    },
    {
      "name": "CVE-2009-0033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0033"
    },
    {
      "name": "CVE-2006-7243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7243"
    },
    {
      "name": "CVE-2009-0781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0781"
    },
    {
      "name": "CVE-2010-4698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4698"
    },
    {
      "name": "CVE-2010-2225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2225"
    },
    {
      "name": "CVE-2010-2097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2097"
    },
    {
      "name": "CVE-2011-1464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1464"
    },
    {
      "name": "CVE-2011-4885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4885"
    },
    {
      "name": "CVE-2010-1860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1860"
    },
    {
      "name": "CVE-2010-2190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2190"
    },
    {
      "name": "CVE-2011-2204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2204"
    },
    {
      "name": "CVE-2010-1157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1157"
    },
    {
      "name": "CVE-2010-4150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4150"
    },
    {
      "name": "CVE-2011-1938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1938"
    },
    {
      "name": "CVE-2010-1862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1862"
    }
  ],
  "initial_release_date": "2012-04-18T00:00:00",
  "last_revision_date": "2012-04-18T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-219",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-04-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9s corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eHP OpenVMS\u003c/span\u003e. Ces vuln\u00e9rabilit\u00e9s affectent plusieurs\n\u00e9l\u00e9ments du produit. Elles permettent de contourner des politiques de\ns\u00e9curit\u00e9, de s\u0027\u00e9lever des privil\u00e8ges, d\u0027effectuer des modifications non\nautoris\u00e9es, de causer des d\u00e9nis de service et d\u0027acc\u00e9der \u00e0 des\ninformations non permises.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP OpenVMS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03281867 du 16 avril 2012",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03281867"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03281831 du 16 avril 2012",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03281831"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03281869 du 16 avril 2012",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03281869"
    }
  ]
}

CERTA-2012-AVI-218

Vulnerability from certfr_avis - Published: 2012-04-18 - Updated: 2012-04-18

De multiples vulnérabilités ont été corrigées dans HP System Management Homepage. Leur exploitation permet, entre autres, d'exécuter du code arbitraire à distance et de réaliser des dénis de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

HP System Management Homepage versions antérieures à 7.0.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité HP c03280632 du 16 avril 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003e\u003cSPAN class=\"textit\"\u003eHP System Management Homepage\u003c/SPAN\u003e  versions ant\u00e9rieures \u00e0 7.0.\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-2202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2202"
    },
    {
      "name": "CVE-2011-0195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0195"
    },
    {
      "name": "CVE-2011-3192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
    },
    {
      "name": "CVE-2011-2483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2483"
    },
    {
      "name": "CVE-2011-3348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3348"
    },
    {
      "name": "CVE-2011-3210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3210"
    },
    {
      "name": "CVE-2011-1471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1471"
    },
    {
      "name": "CVE-2010-1623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1623"
    },
    {
      "name": "CVE-2011-3182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3182"
    },
    {
      "name": "CVE-2010-0734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0734"
    },
    {
      "name": "CVE-2010-2791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2791"
    },
    {
      "name": "CVE-2011-3268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3268"
    },
    {
      "name": "CVE-2012-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0135"
    },
    {
      "name": "CVE-2011-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1153"
    },
    {
      "name": "CVE-2010-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4645"
    },
    {
      "name": "CVE-2010-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2068"
    },
    {
      "name": "CVE-2010-1452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1452"
    },
    {
      "name": "CVE-2011-3267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3267"
    },
    {
      "name": "CVE-2010-4409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4409"
    },
    {
      "name": "CVE-2011-1148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1148"
    },
    {
      "name": "CVE-2011-1467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1467"
    },
    {
      "name": "CVE-2011-3368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3368"
    },
    {
      "name": "CVE-2012-1993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1993"
    },
    {
      "name": "CVE-2011-2192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2192"
    },
    {
      "name": "CVE-2011-3207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3207"
    },
    {
      "name": "CVE-2011-1470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1470"
    },
    {
      "name": "CVE-2011-1464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1464"
    },
    {
      "name": "CVE-2011-3639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3639"
    },
    {
      "name": "CVE-2009-0037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0037"
    },
    {
      "name": "CVE-2010-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3436"
    },
    {
      "name": "CVE-2011-4317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4317"
    },
    {
      "name": "CVE-2011-1945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1945"
    },
    {
      "name": "CVE-2011-1928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1928"
    },
    {
      "name": "CVE-2011-3846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3846"
    },
    {
      "name": "CVE-2011-0014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0014"
    },
    {
      "name": "CVE-2011-0419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
    },
    {
      "name": "CVE-2011-1468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1468"
    },
    {
      "name": "CVE-2011-1938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1938"
    },
    {
      "name": "CVE-2011-3189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3189"
    }
  ],
  "initial_release_date": "2012-04-18T00:00:00",
  "last_revision_date": "2012-04-18T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-218",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-04-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eHP System Management Homepage\u003c/span\u003e. Leur exploitation\npermet, entre autres, d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance et de\nr\u00e9aliser des d\u00e9nis de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP System Management Homepage",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03280632 du 16 avril 2012",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03280632"
    }
  ]
}

CERTA-2011-AVI-564

Vulnerability from certfr_avis - Published: 2011-10-13 - Updated: 2011-10-13

Plusieurs vulnérabilités présentes dans Mac OS X ont été corrigées.

Description

De multiples vulnérabilités découvertes dans Mac OS X permettent à une personne malveillante d'exécuter du code arbitraire à distance avec potentiellement des privilèges élevés, de provoquer un déni de service, de contourner la politique de sécurité du système, de porter atteinte à la confidentialité et à l'intégrité des données ou encore de réaliser une injection de code indirecte.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Mac OS X v10.6.8 ;
Apple	N/A	Mac OS X Lion Server v10.7 et v10.7.1 ;
Apple	N/A	Mac OS X Server v10.7 et v10.7.1.
Apple	N/A	Mac OS X Server v10.6.8 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT5002 du 12 octobre 2011	None	vendor-advisory
Référence CVE CVE-2010-3436 :	-	other
Référence CVE CVE-2011-0708 :	-	other
Référence CVE CVE-2011-1467 :	-	other
Référence CVE CVE-2011-1910 :	-	other
Référence CVE CVE-2011-3217 :	-	other
Référence CVE CVE-2011-1153 :	-	other
Référence CVE CVE-2011-3220 :	-	other
Référence CVE CVE-2010-3614 :	-	other
Référence CVE CVE-2011-0420 :	-	other
Référence CVE CVE-2011-0411 :	-	other
Référence CVE CVE-2011-0224 :	-	other
Référence CVE CVE-2010-3613 :	-	other
Référence CVE CVE-2011-3225 :	-	other
Référence CVE CVE-2011-0249 :	-	other
Référence CVE CVE-2011-3227 :	-	other
Référence CVE CVE-2011-1521 :	-	other
Référence CVE CVE-2011-0185 :	-	other
Référence CVE CVE-2011-0252 :	-	other
Référence CVE CVE-2011-0226 :	-	other
Référence CVE CVE-2010-4645 :	-	other
Référence CVE CVE-2011-3213 :	-	other
Référence CVE CVE-2011-3221 :	-	other
Référence CVE CVE-2011-1471 :	-	other
Référence CVE CVE-2011-3435 :	-	other
Référence CVE CVE-2011-3218 :	-	other
Référence CVE CVE-2011-0013 :	-	other
Référence CVE CVE-2010-1634 :	-	other
Référence CVE CVE-2011-0250 :	-	other
Référence CVE CVE-2011-3224 :	-	other
Référence CVE CVE-2011-0259 :	-	other
Référence CVE CVE-2011-2690 :	-	other
Référence CVE CVE-2011-3226 :	-	other
Référence CVE CVE-2011-3216 :	-	other
Référence CVE CVE-2011-3212 :	-	other
Référence CVE CVE-2010-2089 :	-	other
Référence CVE CVE-2010-3718 :	-	other
Référence CVE CVE-2011-0260 :	-	other
Référence CVE CVE-2011-3214 :	-	other
Référence CVE CVE-2010-1157 :	-	other
Référence CVE CVE-2011-0707 :	-	other
Référence CVE CVE-2011-3223 :	-	other
Référence CVE CVE-2011-3246 :	-	other
Référence CVE CVE-2010-2227 :	-	other
Référence CVE CVE-2010-4172 :	-	other
Référence CVE CVE-2011-3436 :	-	other
Référence CVE CVE-2011-2691 :	-	other
Référence CVE CVE-2011-3437 :	-	other
Référence CVE CVE-2009-4022 :	-	other
Référence CVE CVE-2011-0187 :	-	other
Référence CVE CVE-2011-3192 :	-	other
Référence CVE CVE-2011-1755 :	-	other
Référence CVE CVE-2010-0097 :	-	other
Référence CVE CVE-2011-0419 :	-	other
Référence CVE CVE-2011-1466 :	-	other
Référence CVE CVE-2011-0421 :	-	other
Référence CVE CVE-2011-0251 :	-	other
Référence CVE CVE-2011-3219 :	-	other
Référence CVE CVE-2011-0229 :	-	other
Référence CVE CVE-2011-3222 :	-	other
Référence CVE CVE-2011-0534 :	-	other
Référence CVE CVE-2011-3228 :	-	other
Référence CVE CVE-2011-3215 :	-	other
Référence CVE CVE-2011-1092 :	-	other
Référence CVE CVE-2011-0230 :	-	other
Référence CVE CVE-2011-1470 :	-	other
Référence CVE CVE-2011-0231 :	-	other
Référence CVE CVE-2011-2692 :	-	other
Référence CVE CVE-2011-1468 :	-	other
Référence CVE CVE-2011-2464 :	-	other
Référence CVE CVE-2011-1469 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X v10.6.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Lion Server v10.7 et v10.7.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server v10.7 et v10.7.1.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server v10.6.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans Mac OS X permettent \u00e0 une\npersonne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance avec\npotentiellement des privil\u00e8ges \u00e9lev\u00e9s, de provoquer un d\u00e9ni de service,\nde contourner la politique de s\u00e9curit\u00e9 du syst\u00e8me, de porter atteinte \u00e0\nla confidentialit\u00e9 et \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es ou encore de r\u00e9aliser\nune injection de code indirecte.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-3216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3216"
    },
    {
      "name": "CVE-2011-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3436"
    },
    {
      "name": "CVE-2010-1634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1634"
    },
    {
      "name": "CVE-2011-3214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3214"
    },
    {
      "name": "CVE-2011-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
    },
    {
      "name": "CVE-2011-3192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
    },
    {
      "name": "CVE-2011-3228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3228"
    },
    {
      "name": "CVE-2011-0421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0421"
    },
    {
      "name": "CVE-2011-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0259"
    },
    {
      "name": "CVE-2011-3221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3221"
    },
    {
      "name": "CVE-2010-4172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4172"
    },
    {
      "name": "CVE-2011-3217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3217"
    },
    {
      "name": "CVE-2011-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3219"
    },
    {
      "name": "CVE-2011-0534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0534"
    },
    {
      "name": "CVE-2011-0230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0230"
    },
    {
      "name": "CVE-2011-0229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0229"
    },
    {
      "name": "CVE-2011-1471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1471"
    },
    {
      "name": "CVE-2011-3222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3222"
    },
    {
      "name": "CVE-2011-1466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1466"
    },
    {
      "name": "CVE-2011-0226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0226"
    },
    {
      "name": "CVE-2011-0013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0013"
    },
    {
      "name": "CVE-2011-0231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0231"
    },
    {
      "name": "CVE-2011-3213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3213"
    },
    {
      "name": "CVE-2009-4022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4022"
    },
    {
      "name": "CVE-2011-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1153"
    },
    {
      "name": "CVE-2011-3218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3218"
    },
    {
      "name": "CVE-2011-2692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2692"
    },
    {
      "name": "CVE-2010-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4645"
    },
    {
      "name": "CVE-2011-0249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0249"
    },
    {
      "name": "CVE-2011-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3212"
    },
    {
      "name": "CVE-2011-0250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0250"
    },
    {
      "name": "CVE-2011-1092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1092"
    },
    {
      "name": "CVE-2011-3227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3227"
    },
    {
      "name": "CVE-2011-1469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1469"
    },
    {
      "name": "CVE-2010-2227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2227"
    },
    {
      "name": "CVE-2011-1910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1910"
    },
    {
      "name": "CVE-2011-3220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3220"
    },
    {
      "name": "CVE-2011-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0708"
    },
    {
      "name": "CVE-2010-3614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3614"
    },
    {
      "name": "CVE-2011-3224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3224"
    },
    {
      "name": "CVE-2011-3226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3226"
    },
    {
      "name": "CVE-2011-0260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0260"
    },
    {
      "name": "CVE-2011-2690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2690"
    },
    {
      "name": "CVE-2011-3215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3215"
    },
    {
      "name": "CVE-2010-3613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3613"
    },
    {
      "name": "CVE-2011-1521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1521"
    },
    {
      "name": "CVE-2011-1467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1467"
    },
    {
      "name": "CVE-2011-1755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1755"
    },
    {
      "name": "CVE-2011-3246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3246"
    },
    {
      "name": "CVE-2011-3435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3435"
    },
    {
      "name": "CVE-2011-2691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2691"
    },
    {
      "name": "CVE-2011-3437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3437"
    },
    {
      "name": "CVE-2011-0251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0251"
    },
    {
      "name": "CVE-2011-1470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1470"
    },
    {
      "name": "CVE-2011-3225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3225"
    },
    {
      "name": "CVE-2011-0411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
    },
    {
      "name": "CVE-2010-3718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3718"
    },
    {
      "name": "CVE-2011-2464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2464"
    },
    {
      "name": "CVE-2010-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3436"
    },
    {
      "name": "CVE-2010-0097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0097"
    },
    {
      "name": "CVE-2011-0707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0707"
    },
    {
      "name": "CVE-2011-0252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0252"
    },
    {
      "name": "CVE-2011-0224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0224"
    },
    {
      "name": "CVE-2010-2089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2089"
    },
    {
      "name": "CVE-2011-0420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0420"
    },
    {
      "name": "CVE-2010-1157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1157"
    },
    {
      "name": "CVE-2011-0419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
    },
    {
      "name": "CVE-2011-1468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1468"
    },
    {
      "name": "CVE-2011-3223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3223"
    },
    {
      "name": "CVE-2011-0185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0185"
    }
  ],
  "initial_release_date": "2011-10-13T00:00:00",
  "last_revision_date": "2011-10-13T00:00:00",
  "links": [
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3436 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3436"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0708 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0708"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1467 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1467"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1910 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1910"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3217 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3217"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1153 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1153"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3220 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3220"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3614 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3614"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0420 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0420"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0411 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0411"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0224 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0224"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3613 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3613"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3225 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3225"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0249 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0249"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3227 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3227"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1521 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1521"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0185 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0185"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0252 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0252"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0226 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0226"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-4645 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-4645"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3213 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3213"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3221 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3221"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1471 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1471"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3435 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3435"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3218 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3218"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0013 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0013"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-1634 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-1634"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0250 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0250"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3224 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3224"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0259 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0259"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2690 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2690"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3226 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3226"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3216 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3216"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3212 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3212"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-2089 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-2089"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3718 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3718"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0260 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0260"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3214 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3214"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-1157 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-1157"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0707 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0707"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3223 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3223"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3246 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3246"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-2227 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-2227"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-4172 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-4172"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3436 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3436"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2691 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2691"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3437 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3437"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2009-4022 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2009-4022"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0187 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0187"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3192 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3192"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1755 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1755"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-0097 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-0097"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0419 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0419"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1466 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1466"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0421 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0421"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0251 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0251"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3219 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3219"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0229 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0229"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3222 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3222"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0534 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0534"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3228 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3228"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3215 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3215"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1092 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1092"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0230 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0230"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1470 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1470"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0231 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0231"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2692 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2692"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1468 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1468"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2464 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2464"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1469 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1469"
    }
  ],
  "reference": "CERTA-2011-AVI-564",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans Mac OS X ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT5002 du 12 octobre 2011",
      "url": "http://docs.info.apple.com/article.html?artnum=HT5002"
    }
  ]
}

FKIE_CVE-2010-4645

Vulnerability from fkie_nvd - Published: 2011-01-11 03:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://bugs.php.net/53632	Exploit
secalert@redhat.com	http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf
secalert@redhat.com	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html
secalert@redhat.com	http://marc.info/?l=bugtraq&m=133226187115472&w=2
secalert@redhat.com	http://marc.info/?l=bugtraq&m=133469208622507&w=2
secalert@redhat.com	http://secunia.com/advisories/42812
secalert@redhat.com	http://secunia.com/advisories/42843
secalert@redhat.com	http://secunia.com/advisories/43051
secalert@redhat.com	http://secunia.com/advisories/43189
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.484686
secalert@redhat.com	http://support.apple.com/kb/HT5002
secalert@redhat.com	http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327&r2=307095&pathrev=307095	Patch
secalert@redhat.com	http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/01/05/2	Exploit, Patch
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/01/05/8
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/01/06/5
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2023/05/14/3
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2011-0195.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2011-0196.html
secalert@redhat.com	http://www.securityfocus.com/bid/45668	Exploit
secalert@redhat.com	http://www.ubuntu.com/usn/USN-1042-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2011/0060	Vendor Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2011/0066
secalert@redhat.com	http://www.vupen.com/english/advisories/2011/0077
secalert@redhat.com	http://www.vupen.com/english/advisories/2011/0198
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/64470
af854a3a-2127-422b-91ae-364da2661108	http://bugs.php.net/53632	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133226187115472&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133469208622507&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42812
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42843
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43051
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43189
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.484686
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5002
af854a3a-2127-422b-91ae-364da2661108	http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327&r2=307095&pathrev=307095	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/01/05/2	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/01/05/8
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/01/06/5
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2023/05/14/3
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2011-0195.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2011-0196.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/45668	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1042-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0060	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0066
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0077
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0198
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/64470

Impacted products

Vendor	Product	Version
php	php	5.2.0
php	php	5.2.1
php	php	5.2.2
php	php	5.2.3
php	php	5.2.4
php	php	5.2.5
php	php	5.2.6
php	php	5.2.7
php	php	5.2.8
php	php	5.2.9
php	php	5.2.10
php	php	5.2.11
php	php	5.2.12
php	php	5.2.13
php	php	5.2.14
php	php	5.2.15
php	php	5.2.16
php	php	5.3.0
php	php	5.3.1
php	php	5.3.2
php	php	5.3.3
php	php	5.3.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAAB7D55-F155-43F9-A563-F2E35CFFEF26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "72243A3F-6BFD-472B-9EA4-82BE4253ED27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308."
    },
    {
      "lang": "es",
      "value": "strtod.c, tal como se utiliza en la funci\u00f3n zend_strtod en PHP v5.2 anterior de v5.2.17 y v5.3 anterior de v5.3.5, y otros productos, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de un cierto valor de punto flotante en notaci\u00f3n cient\u00edfica, que no se manipula correctamente en los registros FPU x87."
    }
  ],
  "id": "CVE-2010-4645",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-01-11T03:00:04.280",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.php.net/53632"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=133226187115472\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42812"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42843"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43189"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.484686"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327\u0026r2=307095\u0026pathrev=307095"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/01/05/2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/01/05/8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/01/06/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2023/05/14/3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0195.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0196.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/45668"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-1042-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0060"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0066"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0077"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0198"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.php.net/53632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=133226187115472\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42843"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.484686"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327\u0026r2=307095\u0026pathrev=307095"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/01/05/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/01/05/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/01/06/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2023/05/14/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0195.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0196.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/45668"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1042-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0198"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64470"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-89C3-82JR-PPPJ

Vulnerability from github – Published: 2022-05-17 02:03 – Updated: 2025-04-11 03:42

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-4645"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-01-11T03:00:00Z",
    "severity": "MODERATE"
  },
  "details": "strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.",
  "id": "GHSA-89c3-82jr-pppj",
  "modified": "2025-04-11T03:42:51Z",
  "published": "2022-05-17T02:03:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4645"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64470"
    },
    {
      "type": "WEB",
      "url": "http://bugs.php.net/53632"
    },
    {
      "type": "WEB",
      "url": "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=133226187115472\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42812"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42843"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43051"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43189"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.484686"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "type": "WEB",
      "url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327\u0026r2=307095\u0026pathrev=307095"
    },
    {
      "type": "WEB",
      "url": "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2011/01/05/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2011/01/05/8"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2011/01/06/5"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/05/14/3"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0195.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0196.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/45668"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1042-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0060"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0066"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0077"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0198"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-4645 (GCVE-0-2010-4645)

GSD-2010-4645

CERTA-2011-AVI-003

Description

Solution

CERTA-2012-AVI-219

Solution

CERTA-2012-AVI-218

Solution

CERTA-2011-AVI-564

Description

Solution

FKIE_CVE-2010-4645

GHSA-89C3-82JR-PPPJ

Tags

Sightings

Nomenclature