CVE-2010-1866
published 2010-05-07CVE-2010-1866: The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| php | php | 5.3.0 – 5.3.2 | — |
| suse | linux_enterprise | — | — |
| suse | linux_enterprise | — | — |