Denial of Service : PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.801583

Categoría: Denial of Service

Título: PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability

Resumen: PHP is prone to a denial of service vulnerability.

Descripción: Summary:
PHP is prone to a denial of service vulnerability.

Vulnerability Insight:
The flaw is due to an erron in 'imap_do_open' function in the IMAP
extension 'ext/imap/php_imap.c'.

Vulnerability Impact:
Successful exploitation could allow local attackers to crash the affected
application, denying service to legitimate users.

Affected Software/OS:
PHP version 5.2 before 5.2.15 and 5.3 before 5.3.4

Solution:
Update to PHP 5.2.15 or 5.3.4

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: BugTraq ID: 44980
Common Vulnerability Exposure (CVE) ID: CVE-2010-4150
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://www.securityfocus.com/bid/44980
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html
HPdes Security Advisory: HPSBOV02763
http://marc.info/?l=bugtraq&m=133469208622507&w=2
HPdes Security Advisory: SSRT100826
http://www.mandriva.com/security/advisories?name=MDVSA-2010:239
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12489
http://www.securitytracker.com/id?1024761
http://secunia.com/advisories/42729
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619
http://www.vupen.com/english/advisories/2010/3027
http://www.vupen.com/english/advisories/2010/3313
http://www.vupen.com/english/advisories/2011/0020
http://www.vupen.com/english/advisories/2011/0021
XForce ISS Database: php-phpimapc-dos(63390)
https://exchange.xforce.ibmcloud.com/vulnerabilities/63390

Copyright Copyright (C) 2011 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.801583
Categoría:	Denial of Service
Título:	PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability
Resumen:	PHP is prone to a denial of service vulnerability.
Descripción:	Summary: PHP is prone to a denial of service vulnerability. Vulnerability Insight: The flaw is due to an erron in 'imap_do_open' function in the IMAP extension 'ext/imap/php_imap.c'. Vulnerability Impact: Successful exploitation could allow local attackers to crash the affected application, denying service to legitimate users. Affected Software/OS: PHP version 5.2 before 5.2.15 and 5.3 before 5.3.4 Solution: Update to PHP 5.2.15 or 5.3.4 CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	BugTraq ID: 44980 Common Vulnerability Exposure (CVE) ID: CVE-2010-4150 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://www.securityfocus.com/bid/44980 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html HPdes Security Advisory: HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 HPdes Security Advisory: SSRT100826 http://www.mandriva.com/security/advisories?name=MDVSA-2010:239 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12489 http://www.securitytracker.com/id?1024761 http://secunia.com/advisories/42729 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619 http://www.vupen.com/english/advisories/2010/3027 http://www.vupen.com/english/advisories/2010/3313 http://www.vupen.com/english/advisories/2011/0020 http://www.vupen.com/english/advisories/2011/0021 XForce ISS Database: php-phpimapc-dos(63390) https://exchange.xforce.ibmcloud.com/vulnerabilities/63390
Copyright	Copyright (C) 2011 Greenbone Networks GmbH