CVE-2010-4645

medium

Description

strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.

References

http://bugs.php.net/53632

http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf

http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html

http://marc.info/?l=bugtraq&m=133226187115472&w=2

http://marc.info/?l=bugtraq&m=133469208622507&w=2

http://secunia.com/advisories/42812

http://secunia.com/advisories/42843

http://secunia.com/advisories/43051

http://secunia.com/advisories/43189

http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.484686

http://support.apple.com/kb/HT5002

http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327&r2=307095&pathrev=307095

http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/

http://www.openwall.com/lists/oss-security/2011/01/05/2

http://www.openwall.com/lists/oss-security/2011/01/05/8

http://www.openwall.com/lists/oss-security/2011/01/06/5

http://www.redhat.com/support/errata/RHSA-2011-0195.html

http://www.redhat.com/support/errata/RHSA-2011-0196.html

http://www.securityfocus.com/bid/45668

http://www.ubuntu.com/usn/USN-1042-1

http://www.vupen.com/english/advisories/2011/0060

http://www.vupen.com/english/advisories/2011/0066

http://www.vupen.com/english/advisories/2011/0077

http://www.vupen.com/english/advisories/2011/0198

https://exchange.xforce.ibmcloud.com/vulnerabilities/64470

Details

Source: MITRE

Published: 2011-01-11

Updated: 2017-08-17

Type: CWE-189

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 78127 | F5 Networks BIG-IP : PHP vulnerability (SOL12650) | Nessus | F5 Networks Local Security Checks | medium |
| 75431 | openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1) | Nessus | SuSE Local Security Checks | medium |
| 68192 | Oracle Linux 5 : php53 (ELSA-2011-0196) | Nessus | Oracle Linux Local Security Checks | medium |
| 68191 | Oracle Linux 6 : php (ELSA-2011-0195) | Nessus | Oracle Linux Local Security Checks | medium |
| 60949 | Scientific Linux Security Update : php on SL6.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 60948 | Scientific Linux Security Update : php53 on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 58811 | HP System Management Homepage < 7.0 Multiple Vulnerabilities | Nessus | Web Servers | critical |
| 57157 | SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7393) | Nessus | SuSE Local Security Checks | medium |
| 56481 | Mac OS X Multiple Vulnerabilities (Security Update 2011-006) | Nessus | MacOS X Local Security Checks | critical |
| 56459 | GLSA-201110-06 : PHP: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
| 53695 | openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1) | Nessus | SuSE Local Security Checks | medium |
| 53416 | CentOS 5 : php53 (CESA-2011:0196) | Nessus | CentOS Local Security Checks | medium |
| 53285 | SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7375) | Nessus | SuSE Local Security Checks | medium |
| 53282 | SuSE 11.1 Security Update : PHP5 (SAT Patch Number 4133) | Nessus | SuSE Local Security Checks | medium |
| 51867 | RHEL 5 : php53 (RHSA-2011:0196) | Nessus | Red Hat Local Security Checks | medium |
| 51866 | RHEL 6 : php (RHSA-2011:0195) | Nessus | Red Hat Local Security Checks | medium |
| 51649 | Fedora 14 : maniadrive-1.2-26.fc14.1 / maniadrive-data-1.2-5.fc14 / php-5.3.5-1.fc14 / etc (2011-0329) | Nessus | Fedora Local Security Checks | medium |
| 51648 | Fedora 13 : maniadrive-1.2-26.fc13.1 / maniadrive-data-1.2-5.fc13 / php-5.3.5-1.fc13 / etc (2011-0321) | Nessus | Fedora Local Security Checks | medium |
| 51502 | Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : php5 vulnerabilities (USN-1042-1) | Nessus | Ubuntu Local Security Checks | medium |
| 51451 | Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : php (SSA:2011-010-01) | Nessus | Slackware Local Security Checks | medium |
| 51450 | FreeBSD : php -- multiple vulnerabilities (2b6ed5c7-1a7f-11e0-b61d-000c29d1636d) | Nessus | FreeBSD Local Security Checks | medium |
| 801108 | PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS | Log Correlation Engine | Web Servers | low |
| 5740 | PHP 5.2.x < 5.2.17 / 5.3.x < 5.3.5 String To Double Conversion DoS | Nessus Network Monitor | Web Servers | medium |
| 51439 | PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS | Nessus | CGI abuses | medium |