CVE-2010-4150

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

References

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html

http://marc.info/?l=bugtraq&m=133469208622507&w=2

http://secunia.com/advisories/42729

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619

http://support.apple.com/kb/HT4581

http://svn.php.net/viewvc?view=revision&revision=305032

http://www.mandriva.com/security/advisories?name=MDVSA-2010:239

http://www.php.net/archive/2010.php#id2010-12-10-1

http://www.php.net/ChangeLog-5.php

http://www.php.net/releases/5_2_15.php

http://www.php.net/releases/5_3_4.php

http://www.securityfocus.com/bid/44980

http://www.securitytracker.com/id?1024761

http://www.vupen.com/english/advisories/2010/3027

http://www.vupen.com/english/advisories/2010/3313

http://www.vupen.com/english/advisories/2011/0020

http://www.vupen.com/english/advisories/2011/0021

https://bugzilla.redhat.com/show_bug.cgi?id=656917

https://exchange.xforce.ibmcloud.com/vulnerabilities/63390

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12489

Details

Source: MITRE

Published: 2010-12-07

Updated: 2017-09-19

Type: CWE-399

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

View all (23 total)

IDNameProductFamilySeverity
75431openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)NessusSuSE Local Security Checks
medium
57157SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7393)NessusSuSE Local Security Checks
medium
56459GLSA-201110-06 : PHP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
53695openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)NessusSuSE Local Security Checks
medium
53285SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7375)NessusSuSE Local Security Checks
medium
53282SuSE 11.1 Security Update : PHP5 (SAT Patch Number 4133)NessusSuSE Local Security Checks
medium
52754Mac OS X 10.6.x < 10.6.7 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
52753Mac OS X Multiple Vulnerabilities (Security Update 2011-001)NessusMacOS X Local Security Checks
high
800796Mac OS X 10.6 < 10.6.7 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5826Mac OS X 10.6 < 10.6.7 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
52719Debian DSA-2195-1 : php5 - several vulnerabilitiesNessusDebian Local Security Checks
medium
51503FreeBSD : php-imap -- Denial of Service (1a0704e7-0edf-11e0-becc-0022156e8794)NessusFreeBSD Local Security Checks
medium
51413Fedora 13 : maniadrive-1.2-23.fc13 / php-5.3.4-1.fc13.1 / php-eaccelerator-0.9.6.1-3.fc13 (2010-19011)NessusFedora Local Security Checks
medium
51412Fedora 14 : maniadrive-1.2-23.fc14 / php-5.3.4-1.fc14.1 / php-eaccelerator-0.9.6.1-3.fc14 (2010-18976)NessusFedora Local Security Checks
medium
51371Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : php (SSA:2010-357-01)NessusSlackware Local Security Checks
medium
51152FreeBSD : php -- multiple vulnerabilities (5353)NessusFreeBSD Local Security Checks
medium
801097PHP 5.2.x < 5.2.15 Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high
5733PHP 5.2.x < 5.2.15 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
51140PHP 5.3 < 5.3.4 Multiple VulnerabilitiesNessusCGI abuses
medium
51139PHP 5.2 < 5.2.15 Multiple VulnerabilitiesNessusCGI abuses
medium
801074PHP 5.3 < 5.3.4 Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high
5732PHP 5.3.x < 5.3.4 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
50667Mandriva Linux Security Advisory : php (MDVSA-2010:239)NessusMandriva Local Security Checks
medium