Lucene search

PRIOn knowledge basePRION:CVE-2011-1470

HistoryMar 20, 2011 - 2:00 a.m.

Code injection

2011-03-2002:00:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.6%

JSON

The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function.

CPENameOperatorVersion
phpeq4.3.9
phpeq4.4.9
phpeq3.0
phpeq5.2.9
phpeq4.0 beta1
phpeq3.0.5
phpeq3.0.11
phpeq5.2.4 windows
phpeq5.1.5
phpeq5.1.2

Name	Operator	Version
php	eq	4.3.9
php	eq	4.4.9
php	eq	3.0
php	eq	5.2.9
php	eq	4.0 beta1
php	eq	3.0.5
php	eq	3.0.11
php	eq	5.2.4 windows
php	eq	5.1.5
php	eq	5.1.2

Rows per page:

1-10 of 1101

References

bugs.php.net/bug.php?id=53579

lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

support.apple.com/kb/HT5002

www.mandriva.com/security/advisories?name=MDVSA-2011:052

www.mandriva.com/security/advisories?name=MDVSA-2011:053

www.php.net/ChangeLog-5.php

www.securityfocus.com/bid/46969

www.vupen.com/english/advisories/2011/0744