PHP 'ext/imap/php_imap.c' Use After Free Denial Of Service Vulnerability Network Vulnerability

Summary

This host is running PHP and is prone to denial of service vulnerability.

Impact

Successful exploitation could allow local attackers to crash the affected application, denying service to legitimate users. Impact Level: Application/Network

Solution

upgrade to PHP 5.2.15 or 5.3.4 For updates refer to http://www.php.net/downloads.php

Insight

The flaw is due to an erron in 'imap_do_open' function in the IMAP extension 'ext/imap/php_imap.c'.

Affected

PHP version 5.2 before 5.2.15 and 5.3 before 5.3.4

References

http://svn.php.net/viewvc?view=revision&revision=305032
http://xforce.iss.net/xforce/xfdb/63390

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4150
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

ClamAV LZH File Unpacking Denial of Service Vulnerability (Win)
Dell OpenManage Web Server <= 3.7.1
freeSSHd Pre-Authentication Error Remote DoS Vulnerability
Firebird SQL 'op_connect_request' Denial Of Service Vulnerability (Win)
Cherokee POST request DoS

PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability

Take action and discover your vulnerabilities