CVE-2010-4409

MEDIUM severity · CVSS 5 · CWE-189

5CVSS MEDIUM

Summary

Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges required—

User interaction—

Confidentiality impactNone

Integrity impactNone

Availability impact—

Exploit probability (EPSS)31%

AV:N/AC:L/Au:N/C:N/I:N/A:P

Affected products we track (1)

PHP

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Official patch: http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.c?r1=305571&r2=305570&pathrev=305571 ↗

Additional information

NVD record
http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.c?r1=305571&r2=305570&pathrev=305571Patch
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00035.html
http://secunia.com/advisories/42812
http://secunia.com/advisories/47674
http://support.apple.com/kb/HT4581