CVE-2011-1467
published 2011-03-20CVE-2011-1467: Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent…
PriorityP427medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
12.72%
95.8th percentile
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409.
Affected
97 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | <= 5.3.5 | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
vendor_ubuntu5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
PHP Regressions
vendor_ubuntu·2011-05-05·CVSS 5.0
CVE-2010-4697 [MEDIUM] PHP Regressions
Title: PHP Regressions
Summary: USN 1126-1 introduced two regressions in PHP.
USN 1126-1 fixed several vulnerabilities in PHP. The fix for
CVE-2010-4697 introduced an incorrect reference counting regression
in the Zend engine that caused the PHP interpreter to segfault. This
regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS.
The fixes for CVE-2011-1072 and CVE-2011-1144 introduced a regression
in the PEAR installer that prevented it from creating its cache
directory and reporting errors correctly.
We apologize for the inconvenience.
Original advisory details:
Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for
PHP 5.3.5 allows local users to delete arbitrary files via a symlink
attack on a directory under /var/lib/php5/. (CVE-2011-0441)
Raphael Geisert and Dan R
Ubuntu
PHP vulnerabilities
vendor_ubuntu·2011-04-29·CVSS 5.0
CVE-2011-0421 [MEDIUM] PHP vulnerabilities
Title: PHP vulnerabilities
Summary: Multiple vulnerabilities in PHP.
Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for
PHP 5.3.5 allows local users to delete arbitrary files via a symlink
attack on a directory under /var/lib/php5/. (CVE-2011-0441)
Raphael Geisert and Dan Rosenberg discovered that the PEAR installer
allows local users to overwrite arbitrary files via a symlink attack on
the package.xml file, related to the (1) download_dir, (2) cache_dir,
(3) tmp_dir, and (4) pear-build-download directories. (CVE-2011-1072,
CVE-2011-1144)
Ben Schmidt discovered that a use-after-free vulnerability in the PHP
Zend engine could allow an attacker to cause a denial of service (heap
memory corruption) or possibly execute arbitrary code. (CVE-2010-4697)
Martin Barbella disco
Red Hat
php: NumberFormatter: set a symbol value crash (DoS) on bogus values
vendor_redhat·2010-12-07·CVSS 5.0
CVE-2011-1467 [MEDIUM] php: NumberFormatter: set a symbol value crash (DoS) on bogus values
php: NumberFormatter: set a symbol value crash (DoS) on bogus values
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409.
Statement: This issue did not affect the versions of PHP as shipped with Red Hat Enterprise Linux 4 and 5. The getSymbol() and setSymbol() functions are unlikely to ever receive untrusted input as an $attr argument, and it is even less likely that they would receive such input when only a small set of pre-defined constants is expected. As a result, this flaw can only be triggered by the script author and cannot be used to cross trust boundaries. T
GHSA
GHSA-h6jj-jqvx-gmqp: Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5
ghsa_unreviewed·2022-05-14·CVSS 5.0
CVE-2011-1467 [MEDIUM] GHSA-h6jj-jqvx-gmqp: Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409.
No detection rules found.
http://bugs.php.net/bug.php?id=53512http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlhttp://support.apple.com/kb/HT5002http://www.mandriva.com/security/advisories?name=MDVSA-2011:052http://www.mandriva.com/security/advisories?name=MDVSA-2011:053http://www.php.net/ChangeLog-5.phphttp://www.securityfocus.com/bid/46968http://www.vupen.com/english/advisories/2011/0744http://bugs.php.net/bug.php?id=53512http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlhttp://support.apple.com/kb/HT5002http://www.mandriva.com/security/advisories?name=MDVSA-2011:052http://www.mandriva.com/security/advisories?name=MDVSA-2011:053http://www.php.net/ChangeLog-5.phphttp://www.securityfocus.com/bid/46968http://www.vupen.com/english/advisories/2011/0744
2011-03-20
Published