CVE-2011-3182

EUVD-2011-3149
PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
Affected Products (NVD)
VendorProductVersion
phpphp
𝑥
≤ 5.3.6
phpphp
1.0
phpphp
2.0
phpphp
2.0b10:b10
phpphp
3.0
phpphp
3.0.1
phpphp
3.0.2
phpphp
3.0.3
phpphp
3.0.4
phpphp
3.0.5
phpphp
3.0.6
phpphp
3.0.7
phpphp
3.0.8
phpphp
3.0.9
phpphp
3.0.10
phpphp
3.0.11
phpphp
3.0.12
phpphp
3.0.13
phpphp
3.0.14
phpphp
3.0.15
phpphp
3.0.16
phpphp
3.0.17
phpphp
3.0.18
phpphp
4.0:beta_4_patch1
phpphp
4.0:beta1
phpphp
4.0:beta2
phpphp
4.0:beta3
phpphp
4.0:beta4
phpphp
4.0.0
phpphp
4.0.1
phpphp
4.0.2
phpphp
4.0.3
phpphp
4.0.4
phpphp
4.0.5
phpphp
4.0.6
phpphp
4.0.7
phpphp
4.1.0
phpphp
4.1.1
phpphp
4.1.2
phpphp
4.2.0
phpphp
4.2.1
phpphp
4.2.2
phpphp
4.2.3
phpphp
4.3.0
phpphp
4.3.1
phpphp
4.3.2
phpphp
4.3.3
phpphp
4.3.4
phpphp
4.3.5
phpphp
4.3.6
phpphp
4.3.7
phpphp
4.3.8
phpphp
4.3.9
phpphp
4.3.10
phpphp
4.3.11
phpphp
4.4.0
phpphp
4.4.1
phpphp
4.4.2
phpphp
4.4.3
phpphp
4.4.4
phpphp
4.4.5
phpphp
4.4.6
phpphp
4.4.7
phpphp
4.4.8
phpphp
4.4.9
phpphp
5.0.0
phpphp
5.0.0:beta1
phpphp
5.0.0:beta2
phpphp
5.0.0:beta3
phpphp
5.0.0:beta4
phpphp
5.0.0:rc1
phpphp
5.0.0:rc2
phpphp
5.0.0:rc3
phpphp
5.0.1
phpphp
5.0.2
phpphp
5.0.3
phpphp
5.0.4
phpphp
5.0.5
phpphp
5.1.0
phpphp
5.1.1
phpphp
5.1.2
phpphp
5.1.3
phpphp
5.1.4
phpphp
5.1.5
phpphp
5.1.6
phpphp
5.2.0
phpphp
5.2.1
phpphp
5.2.2
phpphp
5.2.3
phpphp
5.2.4
phpphp
5.2.5
phpphp
5.2.6
phpphp
5.2.8
phpphp
5.2.9
phpphp
5.2.10
phpphp
5.2.11
phpphp
5.2.12
phpphp
5.2.13
phpphp
5.2.14
phpphp
5.3.0
phpphp
5.3.1
phpphp
5.3.2
phpphp
5.3.3
phpphp
5.3.4
phpphp
5.3.5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
php5
hardy
Fixed 5.2.4-2ubuntu5.18
released
lucid
Fixed 5.3.2-1ubuntu4.10
released
maverick
Fixed 5.3.3-1ubuntu9.6
released
natty
Fixed 5.3.5-1ubuntu7.3
released
oneiric
Fixed 5.3.6-13ubuntu3.2
released
References
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://marc.info/?l=full-disclosure&m=131373057621672&w=2
http://securityreason.com/achievement_securityalert/101
http://support.apple.com/kb/HT5130
http://www.mandriva.com/security/advisories?name=MDVSA-2011:165
http://www.openwall.com/lists/oss-security/2011/08/22/9
http://www.securityfocus.com/bid/49249
https://exchange.xforce.ibmcloud.com/vulnerabilities/69430
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://marc.info/?l=full-disclosure&m=131373057621672&w=2
http://securityreason.com/achievement_securityalert/101
http://support.apple.com/kb/HT5130
http://www.mandriva.com/security/advisories?name=MDVSA-2011:165
http://www.openwall.com/lists/oss-security/2011/08/22/9
http://www.securityfocus.com/bid/49249
https://exchange.xforce.ibmcloud.com/vulnerabilities/69430