 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.801860 |
| Categoría: | Denial of Service |
| Título: | PHP 'grapheme_extract()' NULL Pointer Dereference Denial Of Service Vulnerability |
| Resumen: | PHP is prone to a NULL pointer dereference denial of service vulnerability. |
| Descripción: | Summary: PHP is prone to a NULL pointer dereference denial of service vulnerability. Vulnerability Insight: A flaw is caused by a NULL pointer dereference in the 'grapheme_extract()' function in the Internationalization extension (Intl) for ICU which allows context-dependent attackers to cause a denial of service via an invalid size argument. Vulnerability Impact: Successful exploitation could allows context-dependent attackers to cause a denial of service. Affected Software/OS: PHP version 5.3.5. Solution: Apply the patch the referenced advisory. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-0420 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html BugTraq ID: 46429 http://www.securityfocus.com/bid/46429 Bugtraq: 20110216 PHP 5.3.5 grapheme_extract() NULL Pointer Dereference (Google Search) http://www.securityfocus.com/archive/1/516504/100/0/threaded Bugtraq: 20110217 Re: PHP 5.3.5 grapheme_extract() NULL Pointer Dereference (Google Search) http://www.securityfocus.com/archive/1/516518/100/0/threaded CERT/CC vulnerability note: VU#210829 http://www.kb.cert.org/vuls/id/210829 Debian Security Information: DSA-2266 (Google Search) http://www.debian.org/security/2011/dsa-2266 http://www.exploit-db.com/exploits/16182 http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/grapheme/grapheme_string.c?r1=306449&r2=306448&pathrev=306449 http://securityreason.com/securityalert/8087 http://securityreason.com/achievement_securityalert/94 XForce ISS Database: php-graphemeextract-dos(65437) https://exchange.xforce.ibmcloud.com/vulnerabilities/65437 |
| Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |