WEB APPLICATION VULNERABILITIES Standard & Premium

PHP hangs on parsing particular strings as floating point number

Description

This alert was generated using only banner information. It may be a false positive.

PHP hangs when parsing '2.2250738585072011e-308' string as a floating point number.

Affected PHP versions: 5.3 up to version 5.3.5 and 5.2 up to version 5.2.17

Remediation

Upgrade PHP to the latest version.

References

PHP Hangs On Numeric Value 2.2250738585072011e-308

Related Vulnerabilities

WordPress Plugin WooCommerce PHP Object Injection (3.2.3)

MySQL CVE-2024-21218 Vulnerability (CVE-2024-21218)

Jboss EAP XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2018-1000632)

Oracle Database Server Other Vulnerability (CVE-2006-5343)

Ruby Inadequate Encryption Strength Vulnerability (CVE-2021-32066)

Severity

Medium

Classification

CVE-2010-4645 CWE-189 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Tags

Denial Of Service Missing Update