Test ID:	1.3.6.1.4.1.25623.1.0.801547
Category:	Web application abuses
Title:	PHP 'filter_var()' function Stack Consumption Vulnerability
Summary:	PHP is prone to a stack consumption vulnerability.
Description:	Summary: PHP is prone to a stack consumption vulnerability. Vulnerability Insight: - The flaw exists due to an error in 'filter_var()' function, when FILTER_VALIDATE_EMAIL mode is used while processing the long e-mail address string. - A NULL pointer dereference vulnerability exists in 'ZipArchive::getArchiveComment'. Vulnerability Impact: Successful exploitation could allow remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string. Affected Software/OS: PHP version 5.2 through 5.2.14 and 5.3 through 5.3.3. Solution: Update to PHP version 5.2.15/5.3.4 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3710 42812 http://secunia.com/advisories/42812 43189 http://secunia.com/advisories/43189 43926 http://www.securityfocus.com/bid/43926 ADV-2011-0020 http://www.vupen.com/english/advisories/2011/0020 ADV-2011-0021 http://www.vupen.com/english/advisories/2011/0021 ADV-2011-0077 http://www.vupen.com/english/advisories/2011/0077 APPLE-SA-2011-03-21-1 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html FEDORA-2010-18976 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html FEDORA-2010-19011 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 MDVSA-2010:218 http://www.mandriva.com/security/advisories?name=MDVSA-2010:218 RHSA-2011:0196 http://www.redhat.com/support/errata/RHSA-2011-0196.html SSRT100826 SUSE-SR:2010:023 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html USN-1042-1 http://www.ubuntu.com/usn/USN-1042-1 http://bugs.php.net/bug.php?id=52929 http://support.apple.com/kb/HT4581 http://www.php.net/ChangeLog-5.php http://www.php.net/archive/2010.php#id2010-12-10-1 http://www.php.net/releases/5_2_15.php http://www.php.net/releases/5_3_4.php Common Vulnerability Exposure (CVE) ID: CVE-2010-3709 1024690 http://www.securitytracker.com/id?1024690 15431 http://www.exploit-db.com/exploits/15431 20101105 PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference http://securityreason.com/achievement_securityalert/90 42729 http://secunia.com/advisories/42729 44718 http://www.securityfocus.com/bid/44718 ADV-2010-3313 http://www.vupen.com/english/advisories/2010/3313 HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 RHSA-2011:0195 http://www.redhat.com/support/errata/RHSA-2011-0195.html SSA:2010-357-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619 SSRT100409 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.c?view=log http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.