PHP 'ext/imap/php_imap.c' Use After Free Denial Of Service Vulnerability Network Vulnerability

Summary

This host is running PHP and is prone to denial of service vulnerability.

Impact

Successful exploitation could allow local attackers to crash the affected application, denying service to legitimate users. Impact Level: Application/Network

Solution

upgrade to PHP 5.2.15 or 5.3.4 For updates refer to http://www.php.net/downloads.php

Insight

The flaw is due to an erron in 'imap_do_open' function in the IMAP extension 'ext/imap/php_imap.c'.

Affected

PHP version 5.2 before 5.2.15 and 5.3 before 5.3.4

References

http://svn.php.net/viewvc?view=revision&revision=305032
http://xforce.iss.net/xforce/xfdb/63390

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4150

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

COWON Media Center JetAudio .wav File Denial Of Service Vulnerability
Comodo Internet Security Denial of Service Vulnerability-04
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Windows)
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)
Apache Subversion 'mod_dav_svn' log REPORT Request DoS Vulnerability

PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability

Take action and discover your vulnerabilities