CVE-2010-4156 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW	AV:N/AC:L/Au:N/C:P/I:N/A:N
redhat	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 94%

Vendor	Product	Version
scottmac	libmbfl	1.1.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

php5

maverick	Fixed 5.3.3-1ubuntu9.2 released
lucid	not-affected
karmic	not-affected
hardy	not-affected
dapper	not-affected

Known Exploits!

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html

http://marc.info/?l=bugtraq&m=130331363227777&w=2

http://pastie.org/1279428

http://pastie.org/1279682

http://secunia.com/advisories/42135

http://secunia.com/advisories/42812

http://secunia.com/advisories/43189

http://www.mandriva.com/security/advisories?name=MDVSA-2010:225

http://www.openwall.com/lists/oss-security/2010/11/07/2

http://www.openwall.com/lists/oss-security/2010/11/08/13

http://www.php.net/ChangeLog-5.php

http://www.redhat.com/support/errata/RHSA-2011-0196.html

http://www.securityfocus.com/bid/44727

http://www.ubuntu.com/usn/USN-1042-1

http://www.vupen.com/english/advisories/2011/0020

http://www.vupen.com/english/advisories/2011/0021

http://www.vupen.com/english/advisories/2011/0077

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html

http://marc.info/?l=bugtraq&m=130331363227777&w=2

http://pastie.org/1279428

http://pastie.org/1279682

http://secunia.com/advisories/42135

http://secunia.com/advisories/42812

http://secunia.com/advisories/43189

http://www.mandriva.com/security/advisories?name=MDVSA-2010:225

http://www.openwall.com/lists/oss-security/2010/11/07/2

http://www.openwall.com/lists/oss-security/2010/11/08/13

http://www.php.net/ChangeLog-5.php

http://www.redhat.com/support/errata/RHSA-2011-0196.html

http://www.securityfocus.com/bid/44727

http://www.ubuntu.com/usn/USN-1042-1

http://www.vupen.com/english/advisories/2011/0020

http://www.vupen.com/english/advisories/2011/0021

http://www.vupen.com/english/advisories/2011/0077