CVE-2010-4645
published 2011-01-11CVE-2010-4645: strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a…
PriorityP431medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
15.10%
96.3th percentile
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_ubuntu6.8MEDIUM
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-89c3-82jr-pppj: strtod
ghsa_unreviewed·2022-05-17
CVE-2010-4645 [MEDIUM] GHSA-89c3-82jr-pppj: strtod
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
Ubuntu
PHP vulnerabilities
vendor_ubuntu·2011-01-11·CVSS 6.8
CVE-2010-4409 [MEDIUM] PHP vulnerabilities
Title: PHP vulnerabilities
It was discovered that an integer overflow in the XML UTF-8 decoding
code could allow an attacker to bypass cross-site scripting (XSS)
protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS,
and Ubuntu 9.10. (CVE-2009-5016)
It was discovered that the XML UTF-8 decoding code did not properly
handle non-shortest form UTF-8 encoding and ill-formed subsequences
in UTF-8 data, which could allow an attacker to bypass cross-site
scripting (XSS) protections. (CVE-2010-3870)
It was discovered that attackers might be able to bypass open_basedir()
restrictions by passing a specially crafted filename. (CVE-2010-3436)
Maksymilian Arciemowicz discovered that a NULL pointer derefence in the
ZIP archive handling code could allow an attacker to cause a denial
Red Hat
php: hang on numeric value 2.2250738585072011e-308 with x87 fpu
vendor_redhat·2010-12-30·CVSS 5.0
CVE-2010-4645 [MEDIUM] php: hang on numeric value 2.2250738585072011e-308 with x87 fpu
php: hang on numeric value 2.2250738585072011e-308 with x87 fpu
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
Statement: This issue leads to a temporary denial of service (high CPU consumption) when a PHP script handles numeric values from untrusted user input. It does not affect the versions of PHP as shipped with Red Hat Enterprise Linux 3, 4 or 5. It did affect the PHP 5.3 (php53) package on Red Hat Enterprise Linux 5.
Package: php (Red Hat Enterprise Linux 4) - Not affected
Package:
No detection rules found.
http://bugs.php.net/53632http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdfhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.htmlhttp://marc.info/?l=bugtraq&m=133226187115472&w=2http://marc.info/?l=bugtraq&m=133469208622507&w=2http://secunia.com/advisories/42812http://secunia.com/advisories/42843http://secunia.com/advisories/43051http://secunia.com/advisories/43189http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.484686http://support.apple.com/kb/HT5002http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327&r2=307095&pathrev=307095http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/http://www.openwall.com/lists/oss-security/2011/01/05/2http://www.openwall.com/lists/oss-security/2011/01/05/8http://www.openwall.com/lists/oss-security/2011/01/06/5http://www.openwall.com/lists/oss-security/2023/05/14/3http://www.redhat.com/support/errata/RHSA-2011-0195.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0196.htmlhttp://www.securityfocus.com/bid/45668http://www.ubuntu.com/usn/USN-1042-1http://www.vupen.com/english/advisories/2011/0060http://www.vupen.com/english/advisories/2011/0066http://www.vupen.com/english/advisories/2011/0077http://www.vupen.com/english/advisories/2011/0198https://exchange.xforce.ibmcloud.com/vulnerabilities/64470http://bugs.php.net/53632http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdfhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.htmlhttp://marc.info/?l=bugtraq&m=133226187115472&w=2http://marc.info/?l=bugtraq&m=133469208622507&w=2http://secunia.com/advisories/42812http://secunia.com/advisories/42843http://secunia.com/advisories/43051http://secunia.com/advisories/43189http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.484686http://support.apple.com/kb/HT5002http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327&r2=307095&pathrev=307095http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/http://www.openwall.com/lists/oss-security/2011/01/05/2http://www.openwall.com/lists/oss-security/2011/01/05/8http://www.openwall.com/lists/oss-security/2011/01/06/5http://www.openwall.com/lists/oss-security/2023/05/14/3http://www.redhat.com/support/errata/RHSA-2011-0195.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0196.htmlhttp://www.securityfocus.com/bid/45668http://www.ubuntu.com/usn/USN-1042-1http://www.vupen.com/english/advisories/2011/0060http://www.vupen.com/english/advisories/2011/0066http://www.vupen.com/english/advisories/2011/0077http://www.vupen.com/english/advisories/2011/0198https://exchange.xforce.ibmcloud.com/vulnerabilities/64470
2011-01-11
Published