ID CVE-2010-4645
Summary strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
References
Vulnerable Configurations
  • PHP 5.2.0
    cpe:2.3:a:php:php:5.2.0
  • PHP 5.2.1 -
    cpe:2.3:a:php:php:5.2.1
  • PHP 5.2.10 -
    cpe:2.3:a:php:php:5.2.10
  • PHP 5.2.11 -
    cpe:2.3:a:php:php:5.2.11
  • PHP 5.2.12 -
    cpe:2.3:a:php:php:5.2.12
  • PHP 5.2.13 -
    cpe:2.3:a:php:php:5.2.13
  • PHP 5.2.14 -
    cpe:2.3:a:php:php:5.2.14
  • PHP 5.2.2 -
    cpe:2.3:a:php:php:5.2.2
  • PHP 5.2.3 -
    cpe:2.3:a:php:php:5.2.3
  • PHP 5.2.4 -
    cpe:2.3:a:php:php:5.2.4
  • PHP 5.2.5 -
    cpe:2.3:a:php:php:5.2.5
  • PHP 5.2.6 -
    cpe:2.3:a:php:php:5.2.6
  • PHP 5.2.8
    cpe:2.3:a:php:php:5.2.8
  • PHP 5.2.9 -
    cpe:2.3:a:php:php:5.2.9
  • PHP 5.2.7 -
    cpe:2.3:a:php:php:5.2.7
  • PHP 5.2.15 -
    cpe:2.3:a:php:php:5.2.15
  • PHP 5.2.16
    cpe:2.3:a:php:php:5.2.16
  • PHP 5.3.3 -
    cpe:2.3:a:php:php:5.3.3
  • PHP 5.3.0
    cpe:2.3:a:php:php:5.3.0
  • PHP 5.3.1 -
    cpe:2.3:a:php:php:5.3.1
  • PHP 5.3.2 -
    cpe:2.3:a:php:php:5.3.2
  • PHP 5.3.4 -
    cpe:2.3:a:php:php:5.3.4
CVSS
Base: 5.0 (as of 11-01-2011 - 13:13)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description PHP 5.3.2 'zend_strtod()' Function Floating-Point Value Denial of Service Vulnerability. CVE-2010-4645 . Dos exploit for php platform
id EDB-ID:35164
last seen 2016-02-04
modified 2011-01-03
published 2011-01-03
reporter Rick Regan
source https://www.exploit-db.com/download/35164/
title PHP <= 5.3.2 - 'zend_strtod' Function Floating-Point Value Denial of Service Vulnerability
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-0321.NASL
    description This release resolves a critical issue, reported as PHP bug #53632 and CVE-2010-4645, where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 51648
    published 2011-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51648
    title Fedora 13 : maniadrive-1.2-26.fc13.1 / maniadrive-data-1.2-5.fc13 / php-5.3.5-1.fc13 / etc (2011-0321)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_2B6ED5C71A7F11E0B61D000C29D1636D.NASL
    description PHP developers reports : Security Enhancements and Fixes in PHP 5.3.5 : - Fixed bug #53632 (PHP hangs on numeric value 2.2250738585072011e-308). (CVE-2010-4645) Security Enhancements and Fixes in PHP 5.2.17 : - Fixed bug #53632 (PHP hangs on numeric value 2.2250738585072011e-308). (CVE-2010-4645)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 51450
    published 2011-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51450
    title FreeBSD : php -- multiple vulnerabilities (2b6ed5c7-1a7f-11e0-b61d-000c29d1636d)
  • NASL family Web Servers
    NASL id HPSMH_7_0_0_24.NASL
    description According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote host is earlier than 7.0. As such, it is reportedly affected by the following vulnerabilities : - An error exists in the 'generate-id' function in the bundled libxslt library that can allow disclosure of heap memory addresses. (CVE-2011-0195) - An unspecified input validation error exists and can allow cross-site request forgery attacks. (CVE-2011-3846) - Unspecified errors can allow attackers to carry out denial of service attacks via unspecified vectors. (CVE-2012-0135, CVE-2012-1993) - The bundled version of PHP contains multiple vulnerabilities. (CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1938, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3267, CVE-2011-3268) - The bundled version of Apache contains multiple vulnerabilities. (CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2011-0419, CVE-2011-1928, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639) - OpenSSL libraries are contained in several of the bundled components and contain multiple vulnerabilities. (CVE-2011-0014, CVE-2011-1468, CVE-2011-1945, CVE-2011-3207,CVE-2011-3210) - Curl libraries are contained in several of the bundled components and contain multiple vulnerabilities. (CVE-2009-0037, CVE-2010-0734, CVE-2011-2192)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 58811
    published 2012-04-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58811
    title HP System Management Homepage < 7.0 Multiple Vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20110203_PHP53_ON_SL5_X.NASL
    description A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645) A stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710) A memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 60948
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60948
    title Scientific Linux Security Update : php53 on SL5.x i386/x86_64
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1042-1.NASL
    description It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting (XSS) protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. (CVE-2009-5016) It was discovered that the XML UTF-8 decoding code did not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which could allow an attacker to bypass cross-site scripting (XSS) protections. (CVE-2010-3870) It was discovered that attackers might be able to bypass open_basedir() restrictions by passing a specially crafted filename. (CVE-2010-3436) Maksymilian Arciemowicz discovered that a NULL pointer derefence in the ZIP archive handling code could allow an attacker to cause a denial of service through a specially crafted ZIP archive. This issue only affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10. (CVE-2010-3709) It was discovered that a stack consumption vulnerability in the filter_var() PHP function when in FILTER_VALIDATE_EMAIL mode, could allow a remote attacker to cause a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10. (CVE-2010-3710) It was discovered that the mb_strcut function in the Libmbfl library within PHP could allow an attacker to read arbitrary memory within the application process. This issue only affected Ubuntu 10.10. (CVE-2010-4156) Maksymilian Arciemowicz discovered that an integer overflow in the NumberFormatter::getSymbol function could allow an attacker to cause a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 10.10. (CVE-2010-4409) Rick Regan discovered that when handing PHP textual representations of the largest subnormal double-precision floating-point number, the zend_strtod function could go into an infinite loop on 32bit x86 processors, allowing an attacker to cause a denial of service. (CVE-2010-4645). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 51502
    published 2011-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51502
    title Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : php5 vulnerabilities (USN-1042-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-0196.NASL
    description From Red Hat Security Advisory 2011:0196 : Updated php53 packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645) A stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710) A memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156) All php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 68192
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68192
    title Oracle Linux 5 : php53 (ELSA-2011-0196)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0196.NASL
    description Updated php53 packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645) A stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710) A memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156) All php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 51867
    published 2011-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51867
    title RHEL 5 : php53 (RHSA-2011:0196)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20110203_PHP_ON_SL6_X.NASL
    description A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645) A numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870) A NULL pointer dereference flaw was found in the PHP ZipArchive::getArchiveComment function. If a script used this function to inspect a specially crafted ZIP archive file, it could cause the PHP interpreter to crash. (CVE-2010-3709) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 60949
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60949
    title Scientific Linux Security Update : php on SL6.x i386/x86_64
  • NASL family CGI abuses
    NASL id PHP_5_3_5.NASL
    description According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2.17 or 5.3.5. Such versions may experience a crash while performing string to double conversion for certain numeric values. Only x86 32-bit PHP processes are known to be affected by this issue regardless of whether the system running PHP is 32-bit or 64-bit.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 51439
    published 2011-01-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51439
    title PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2011-010-01.NASL
    description New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 51451
    published 2011-01-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51451
    title Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : php (SSA:2011-010-01)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201110-06.NASL
    description The remote host is affected by the vulnerability described in GLSA-201110-06 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could execute arbitrary code, obtain sensitive information from process memory, bypass intended access restrictions, or cause a Denial of Service in various ways. A remote attacker could cause a Denial of Service in various ways, bypass spam detections, or bypass open_basedir restrictions. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 56459
    published 2011-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56459
    title GLSA-201110-06 : PHP: Multiple vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0195.NASL
    description Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645) A numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870) A NULL pointer dereference flaw was found in the PHP ZipArchive::getArchiveComment function. If a script used this function to inspect a specially crafted ZIP archive file, it could cause the PHP interpreter to crash. (CVE-2010-3709) All php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 51866
    published 2011-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51866
    title RHEL 6 : php (RHSA-2011:0195)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2011-006.NASL
    description The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2011-006 applied. This update contains numerous security-related fixes for the following components : - Apache - Application Firewall - ATS - BIND - Certificate Trust Policy - CFNetwork - CoreFoundation - CoreMedia - File Systems - IOGraphics - iChat Server - Mailman - MediaKit - PHP - postfix - python - QuickTime - Tomcat - User Documentation - Web Server - X11
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 56481
    published 2011-10-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56481
    title Mac OS X Multiple Vulnerabilities (Security Update 2011-006)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_APACHE2-MOD_PHP5-110309.NASL
    description php5 was updated to fix several security issues. (CVE-2010-3709, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753, CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75431
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75431
    title openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_APACHE2-MOD_PHP5-110309.NASL
    description php5 was updated to fix several security issues. (CVE-2010-3709, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753, CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53695
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53695
    title openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-0195.NASL
    description From Red Hat Security Advisory 2011:0195 : Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645) A numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870) A NULL pointer dereference flaw was found in the PHP ZipArchive::getArchiveComment function. If a script used this function to inspect a specially crafted ZIP archive file, it could cause the PHP interpreter to crash. (CVE-2010-3709) All php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 68191
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68191
    title Oracle Linux 6 : php (ELSA-2011-0195)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-0196.NASL
    description Updated php53 packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645) A stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710) A memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156) All php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53416
    published 2011-04-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53416
    title CentOS 5 : php53 (CESA-2011:0196)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_APACHE2-MOD_PHP5-110310.NASL
    description PHP5 was updated to fix several security issues.
    last seen 2018-09-01
    modified 2013-10-25
    plugin id 53282
    published 2011-04-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53282
    title SuSE 11.1 Security Update : PHP5 (SAT Patch Number 4133)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL12650.NASL
    description The strtod.c function may allow context-dependent attackers to cause a denial-of-service via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78127
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78127
    title F5 Networks BIG-IP : PHP vulnerability (SOL12650)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_APACHE2-MOD_PHP5-7393.NASL
    description PHP5 was updated to fix several security issues. (CVE-2010-4150 / CVE-2010-4645 / CVE-2010-4697 / CVE-2010-4698 / CVE-2010-4699 / CVE-2011-0708 / CVE-2011-0752 / CVE-2011-0753 / CVE-2011-0755)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 57157
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57157
    title SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7393)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-0329.NASL
    description This release resolves a critical issue, reported as PHP bug #53632 and CVE-2010-4645, where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 51649
    published 2011-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51649
    title Fedora 14 : maniadrive-1.2-26.fc14.1 / maniadrive-data-1.2-5.fc14 / php-5.3.5-1.fc14 / etc (2011-0329)
redhat via4
advisories
  • bugzilla
    id 667806
    title CVE-2010-4645 php: hang on numeric value 2.2250738585072011e-308 with x87 fpu
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment php is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195005
        • comment php is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195006
      • AND
        • comment php-bcmath is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195047
        • comment php-bcmath is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195048
      • AND
        • comment php-cli is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195043
        • comment php-cli is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195044
      • AND
        • comment php-common is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195009
        • comment php-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195010
      • AND
        • comment php-dba is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195053
        • comment php-dba is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195054
      • AND
        • comment php-devel is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195031
        • comment php-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195032
      • AND
        • comment php-embedded is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195037
        • comment php-embedded is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195038
      • AND
        • comment php-enchant is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195025
        • comment php-enchant is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195026
      • AND
        • comment php-gd is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195055
        • comment php-gd is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195056
      • AND
        • comment php-imap is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195039
        • comment php-imap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195040
      • AND
        • comment php-intl is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195029
        • comment php-intl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195030
      • AND
        • comment php-ldap is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195045
        • comment php-ldap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195046
      • AND
        • comment php-mbstring is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195041
        • comment php-mbstring is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195042
      • AND
        • comment php-mysql is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195007
        • comment php-mysql is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195008
      • AND
        • comment php-odbc is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195019
        • comment php-odbc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195020
      • AND
        • comment php-pdo is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195017
        • comment php-pdo is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195018
      • AND
        • comment php-pgsql is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195013
        • comment php-pgsql is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195014
      • AND
        • comment php-process is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195015
        • comment php-process is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195016
      • AND
        • comment php-pspell is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195027
        • comment php-pspell is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195028
      • AND
        • comment php-recode is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195049
        • comment php-recode is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195050
      • AND
        • comment php-snmp is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195035
        • comment php-snmp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195036
      • AND
        • comment php-soap is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195023
        • comment php-soap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195024
      • AND
        • comment php-tidy is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195011
        • comment php-tidy is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195012
      • AND
        • comment php-xml is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195021
        • comment php-xml is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195022
      • AND
        • comment php-xmlrpc is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195051
        • comment php-xmlrpc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195052
      • AND
        • comment php-zts is earlier than 0:5.3.2-6.el6_0.1
          oval oval:com.redhat.rhsa:tst:20110195033
        • comment php-zts is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110195034
    rhsa
    id RHSA-2011:0195
    released 2011-02-03
    severity Moderate
    title RHSA-2011:0195: php security update (Moderate)
  • bugzilla
    id 667806
    title CVE-2010-4645 php: hang on numeric value 2.2250738585072011e-308 with x87 fpu
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment php53 is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196002
        • comment php53 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196003
      • AND
        • comment php53-bcmath is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196014
        • comment php53-bcmath is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196015
      • AND
        • comment php53-cli is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196024
        • comment php53-cli is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196025
      • AND
        • comment php53-common is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196022
        • comment php53-common is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196023
      • AND
        • comment php53-dba is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196018
        • comment php53-dba is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196019
      • AND
        • comment php53-devel is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196032
        • comment php53-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196033
      • AND
        • comment php53-gd is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196020
        • comment php53-gd is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196021
      • AND
        • comment php53-imap is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196004
        • comment php53-imap is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196005
      • AND
        • comment php53-intl is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196042
        • comment php53-intl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196043
      • AND
        • comment php53-ldap is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196030
        • comment php53-ldap is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196031
      • AND
        • comment php53-mbstring is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196028
        • comment php53-mbstring is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196029
      • AND
        • comment php53-mysql is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196012
        • comment php53-mysql is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196013
      • AND
        • comment php53-odbc is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196036
        • comment php53-odbc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196037
      • AND
        • comment php53-pdo is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196010
        • comment php53-pdo is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196011
      • AND
        • comment php53-pgsql is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196006
        • comment php53-pgsql is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196007
      • AND
        • comment php53-process is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196026
        • comment php53-process is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196027
      • AND
        • comment php53-pspell is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196038
        • comment php53-pspell is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196039
      • AND
        • comment php53-snmp is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196008
        • comment php53-snmp is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196009
      • AND
        • comment php53-soap is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196040
        • comment php53-soap is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196041
      • AND
        • comment php53-xml is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196034
        • comment php53-xml is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196035
      • AND
        • comment php53-xmlrpc is earlier than 0:5.3.3-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110196016
        • comment php53-xmlrpc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196017
    rhsa
    id RHSA-2011:0196
    released 2011-02-03
    severity Moderate
    title RHSA-2011:0196: php53 security update (Moderate)
rpms
  • php-0:5.3.2-6.el6_0.1
  • php-bcmath-0:5.3.2-6.el6_0.1
  • php-cli-0:5.3.2-6.el6_0.1
  • php-common-0:5.3.2-6.el6_0.1
  • php-dba-0:5.3.2-6.el6_0.1
  • php-devel-0:5.3.2-6.el6_0.1
  • php-embedded-0:5.3.2-6.el6_0.1
  • php-enchant-0:5.3.2-6.el6_0.1
  • php-gd-0:5.3.2-6.el6_0.1
  • php-imap-0:5.3.2-6.el6_0.1
  • php-intl-0:5.3.2-6.el6_0.1
  • php-ldap-0:5.3.2-6.el6_0.1
  • php-mbstring-0:5.3.2-6.el6_0.1
  • php-mysql-0:5.3.2-6.el6_0.1
  • php-odbc-0:5.3.2-6.el6_0.1
  • php-pdo-0:5.3.2-6.el6_0.1
  • php-pgsql-0:5.3.2-6.el6_0.1
  • php-process-0:5.3.2-6.el6_0.1
  • php-pspell-0:5.3.2-6.el6_0.1
  • php-recode-0:5.3.2-6.el6_0.1
  • php-snmp-0:5.3.2-6.el6_0.1
  • php-soap-0:5.3.2-6.el6_0.1
  • php-tidy-0:5.3.2-6.el6_0.1
  • php-xml-0:5.3.2-6.el6_0.1
  • php-xmlrpc-0:5.3.2-6.el6_0.1
  • php-zts-0:5.3.2-6.el6_0.1
  • php53-0:5.3.3-1.el5_6.1
  • php53-bcmath-0:5.3.3-1.el5_6.1
  • php53-cli-0:5.3.3-1.el5_6.1
  • php53-common-0:5.3.3-1.el5_6.1
  • php53-dba-0:5.3.3-1.el5_6.1
  • php53-devel-0:5.3.3-1.el5_6.1
  • php53-gd-0:5.3.3-1.el5_6.1
  • php53-imap-0:5.3.3-1.el5_6.1
  • php53-intl-0:5.3.3-1.el5_6.1
  • php53-ldap-0:5.3.3-1.el5_6.1
  • php53-mbstring-0:5.3.3-1.el5_6.1
  • php53-mysql-0:5.3.3-1.el5_6.1
  • php53-odbc-0:5.3.3-1.el5_6.1
  • php53-pdo-0:5.3.3-1.el5_6.1
  • php53-pgsql-0:5.3.3-1.el5_6.1
  • php53-process-0:5.3.3-1.el5_6.1
  • php53-pspell-0:5.3.3-1.el5_6.1
  • php53-snmp-0:5.3.3-1.el5_6.1
  • php53-soap-0:5.3.3-1.el5_6.1
  • php53-xml-0:5.3.3-1.el5_6.1
  • php53-xmlrpc-0:5.3.3-1.el5_6.1
refmap via4
apple APPLE-SA-2011-10-12-3
bid 45668
confirm
fedora
  • FEDORA-2011-0321
  • FEDORA-2011-0329
hp
  • HPSBMU02752
  • HPSBOV02763
  • SSRT100802
  • SSRT100826
misc
mlist
  • [oss-security] 20110105 Re: possible flaw in widely used strtod.c implementation
  • [oss-security] 20110105 possible flaw in widely used strtod.c implementation
  • [oss-security] 20110106 Re: possible flaw in widely used strtod.c implementation
secunia
  • 42812
  • 42843
  • 43051
  • 43189
slackware SSA:2011-010-01
ubuntu USN-1042-1
vupen
  • ADV-2011-0060
  • ADV-2011-0066
  • ADV-2011-0077
  • ADV-2011-0198
xf php-zendstrtod-dos(64470)
Last major update 22-08-2016 - 22:02
Published 10-01-2011 - 22:00
Last modified 16-08-2017 - 21:33
Back to Top