7.5

CVE-2011-1092

Exploit
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version <= 5.3.5
PhpPhp Version1.0
PhpPhp Version2.0
PhpPhp Version2.0b10
PhpPhp Version3.0
PhpPhp Version3.0.1
PhpPhp Version3.0.2
PhpPhp Version3.0.3
PhpPhp Version3.0.4
PhpPhp Version3.0.5
PhpPhp Version3.0.6
PhpPhp Version3.0.7
PhpPhp Version3.0.8
PhpPhp Version3.0.9
PhpPhp Version3.0.10
PhpPhp Version3.0.11
PhpPhp Version3.0.12
PhpPhp Version3.0.13
PhpPhp Version3.0.14
PhpPhp Version3.0.15
PhpPhp Version3.0.16
PhpPhp Version3.0.17
PhpPhp Version3.0.18
PhpPhp Version4.0
PhpPhp Version4.0 Updatebeta_4_patch1
PhpPhp Version4.0 Updatebeta1
PhpPhp Version4.0 Updatebeta2
PhpPhp Version4.0 Updatebeta3
PhpPhp Version4.0 Updatebeta4
PhpPhp Version4.0.0
PhpPhp Version4.0.1
PhpPhp Version4.0.2
PhpPhp Version4.0.3
PhpPhp Version4.0.4
PhpPhp Version4.0.5
PhpPhp Version4.0.6
PhpPhp Version4.0.7
PhpPhp Version4.1.0
PhpPhp Version4.1.1
PhpPhp Version4.1.2
PhpPhp Version4.2.0
PhpPhp Version4.2.1
PhpPhp Version4.2.2
PhpPhp Version4.2.3
PhpPhp Version4.3.0
PhpPhp Version4.3.1
PhpPhp Version4.3.2
PhpPhp Version4.3.3
PhpPhp Version4.3.4
PhpPhp Version4.3.5
PhpPhp Version4.3.6
PhpPhp Version4.3.7
PhpPhp Version4.3.8
PhpPhp Version4.3.9
PhpPhp Version4.3.10
PhpPhp Version4.3.11
PhpPhp Version4.4.0
PhpPhp Version4.4.1
PhpPhp Version4.4.2
PhpPhp Version4.4.3
PhpPhp Version4.4.4
PhpPhp Version4.4.5
PhpPhp Version4.4.6
PhpPhp Version4.4.7
PhpPhp Version4.4.8
PhpPhp Version4.4.9
PhpPhp Version5.0.0
PhpPhp Version5.0.0 Updatebeta1
PhpPhp Version5.0.0 Updatebeta2
PhpPhp Version5.0.0 Updatebeta3
PhpPhp Version5.0.0 Updatebeta4
PhpPhp Version5.0.0 Updaterc1
PhpPhp Version5.0.0 Updaterc2
PhpPhp Version5.0.0 Updaterc3
PhpPhp Version5.0.1
PhpPhp Version5.0.2
PhpPhp Version5.0.3
PhpPhp Version5.0.4
PhpPhp Version5.0.5
PhpPhp Version5.1.0
PhpPhp Version5.1.1
PhpPhp Version5.1.2
PhpPhp Version5.1.3
PhpPhp Version5.1.4
PhpPhp Version5.1.5
PhpPhp Version5.1.6
PhpPhp Version5.2.0
PhpPhp Version5.2.1
PhpPhp Version5.2.2
PhpPhp Version5.2.3
PhpPhp Version5.2.4
PhpPhp Version5.2.4 Editionwindows
PhpPhp Version5.2.5
PhpPhp Version5.2.6
PhpPhp Version5.2.7
PhpPhp Version5.2.8
PhpPhp Version5.2.9
PhpPhp Version5.2.10
PhpPhp Version5.2.11
PhpPhp Version5.2.12
PhpPhp Version5.2.13
PhpPhp Version5.2.14
PhpPhp Version5.2.15
PhpPhp Version5.2.16
PhpPhp Version5.2.17
PhpPhp Version5.3.0
PhpPhp Version5.3.1
PhpPhp Version5.3.2
PhpPhp Version5.3.3
PhpPhp Version5.3.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 17.88% 0.968
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.php.net/ChangeLog-5.php
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://support.apple.com/kb/HT5002
http://marc.info/?l=bugtraq&m=133469208622507&w=2
http://bugs.php.net/bug.php?id=54193
http://securityreason.com/securityalert/8130
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/shmop/shmop.c?r1=306939&r2=309018&pathrev=309018
Patch
http://www.exploit-db.com/exploits/16966
Exploit
http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
http://www.mandriva.com/security/advisories?name=MDVSA-2011:053
http://www.openwall.com/lists/oss-security/2011/03/08/11
Patch
Exploit
http://www.openwall.com/lists/oss-security/2011/03/08/9
Patch
Exploit
http://www.php.net/archive/2011.php
http://www.php.net/releases/5_3_6.php
http://www.securityfocus.com/bid/46786
Exploit
http://www.vupen.com/english/advisories/2011/0744
https://bugzilla.redhat.com/show_bug.cgi?id=683183
https://exchange.xforce.ibmcloud.com/vulnerabilities/65988