CVSS2
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile: 88.7%
According to its banner, the version of PHP installed on the remote host is earlier than 5.2.15. Such versions are potentially affected by multiple vulnerabilities:
A crash in the zip extract method.
A possible double free exists in the IMAP extension. (CVE-2010-4150)
An unspecified flaw exists in 'open_basedir'. (CVE-2010-3436)
A possible crash could occur in 'mssql_fetch_batch()'.
A NULL pointer dereference exists in 'zipArchive::getArchiveComment'. (CVE-2010-3709)
A crash exists if anti-aliasing steps are invalid. (Bug 53492)
A crash exists in pdo_firebird get_Attribute(). (Bug 53323)
A use-after-free vulnerability in the Zend engine when a '__set()', '__get()', or '__unset()' method is called can allow for a denial of service attack. (Bug #52879 / CVE-2010-4697)
A stack-based buffer overflow exists in the 'imagepstext()' function in the GD extension. (Bug #53492 / CVE-2010-4698)
The extract function does not prevent use of the EXTR_OVERWRITE parameter to overwrite the GLOBALS superglobal array and the 'this' variable, which allows attackers to bypass intended access restrictions. (CVE-2011-0752)
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3709
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4150
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4697
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4698
www.php.net/ChangeLog-5.php#5.2.15
www.php.net/releases/5_2_15.php