Back to search
CVE-2010-3709
Published: Nov 8, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2011-0077
vdb-entry
x_refsource_VUPEN
FEDORA-2010-19011
vendor-advisory
x_refsource_FEDORA
42812
third-party-advisory
x_refsource_SECUNIA
HPSBOV02763
vendor-advisory
x_refsource_HP
HPSBMA02662
vendor-advisory
x_refsource_HP
MDVSA-2010:218
vendor-advisory
x_refsource_MANDRIVA
20101105 PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference
third-party-advisory
x_refsource_SREASONRES
RHSA-2011:0195
vendor-advisory
x_refsource_REDHAT
1024690
vdb-entry
x_refsource_SECTRACK
http://www.php.net/releases/5_3_4.php
x_refsource_CONFIRM
APPLE-SA-2011-03-21-1
vendor-advisory
x_refsource_APPLE
USN-1042-1
vendor-advisory
x_refsource_UBUNTU
15431
exploit
x_refsource_EXPLOIT-DB
ADV-2011-0021
vdb-entry
x_refsource_VUPEN
http://www.php.net/ChangeLog-5.php
x_refsource_CONFIRM
SSRT100826
vendor-advisory
x_refsource_HP
SSA:2010-357-01
vendor-advisory
x_refsource_SLACKWARE
ADV-2010-3313
vdb-entry
x_refsource_VUPEN
http://www.php.net/archive/2010.php#id2010-12-10-1
x_refsource_CONFIRM
http://www.php.net/releases/5_2_15.php
x_refsource_CONFIRM
SSRT100409
vendor-advisory
x_refsource_HP
FEDORA-2010-18976
vendor-advisory
x_refsource_FEDORA
ADV-2011-0020
vdb-entry
x_refsource_VUPEN
42729
third-party-advisory
x_refsource_SECUNIA
44718
vdb-entry
x_refsource_BID
http://support.apple.com/kb/HT4581
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now