CVE-2010-4409

Published: Dec 6, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://svn.php.net/viewvc?view=revision&revision=305571

x_refsource_CONFIRM

ADV-2011-0077

vdb-entry

x_refsource_VUPEN

47674

third-party-advisory

x_refsource_SECUNIA

FEDORA-2010-19011

vendor-advisory

x_refsource_FEDORA

42812

third-party-advisory

x_refsource_SECUNIA

MDVSA-2010:255

vendor-advisory

x_refsource_MANDRIVA

APPLE-SA-2011-03-21-1

vendor-advisory

x_refsource_APPLE

USN-1042-1

vendor-advisory

x_refsource_UBUNTU

ADV-2011-0021

vdb-entry

x_refsource_VUPEN

http://www.php.net/ChangeLog-5.php

x_refsource_CONFIRM

openSUSE-SU-2012:0100

vendor-advisory

x_refsource_SUSE

20101210 PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow

mailing-list

x_refsource_BUGTRAQ

MDVSA-2010:254

vendor-advisory

x_refsource_MANDRIVA

15722

exploit

x_refsource_EXPLOIT-DB

FEDORA-2010-18976

vendor-advisory

x_refsource_FEDORA

ADV-2011-0020

vdb-entry

x_refsource_VUPEN

http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.c?r1=305571&r2=305570&pathrev=305571

x_refsource_CONFIRM

45119

vdb-entry

x_refsource_BID

http://support.apple.com/kb/HT4581

x_refsource_CONFIRM

VU#479900

third-party-advisory

x_refsource_CERT-VN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-4409

Description

Affected Products

References