OSVDB ID: 70607

Title: PHP Zend Engine Multiple Method Object Reference Access Use-after-free DoS

Info

Disclosure

Sep 18, 2010

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Dec 10, 2010

Description

PHP contains a flaw that may allow a context-dependent denial of service. The issue is triggered when a use-after-free error in the Zend engine occurs, allowing a context-dependent attacker to use vectors related to the '__set', '__get', '__isset' and '__unset' methods to cause a denial of service, or possibly have other unspecified impact.

Classification

Location: Local / Remote, Context Dependent
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Availability
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Upgrade to version 5.2.15, 5.3.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

The PHP Group	PHP	5.2.14
		5.3.3

References

CVE ID: 2010-4697 (see also: NVD)
Secunia Advisory ID: 43929 43939 44405 46358 48737 48802
Vendor Specific News/Changelog Entry: http://bugs.php.net/52879
http://security.gentoo.org/glsa/glsa-201110-06.xml
http://www.php.net/ChangeLog-5.php
Vendor Specific Advisory URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03281867
http://support.f5.com/kb/en-us/solutions/public/13000/500/sol13519.html
http://www.ubuntu.com/usn/usn-1126-1/
http://www.ubuntu.com/usn/usn-1126-2/
https://hermes.opensuse.org/messages/7796412
https://hermes.opensuse.org/messages/7801177
Packet Storm: http://packetstormsecurity.org/files/111919/HP-Security-Bulletin-HPSBOV02763-SSRT100826.html
Mail List Post: http://seclists.org/bugtraq/2012/Apr/113
http://seclists.org/fulldisclosure/2011/Oct/483
Vendor URL: http://www.php.net

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/70607

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

The PHP Group

PHP

References

Credit