Summary
PHP is prone to a denial-of-service vulnerability because the application fails to handle certain file requests.
Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
PHP 4.4 prior to 4.4.9 and PHP 5.2 through 5.2.6 are vulnerable.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2008-3660 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache mod_proxy_ajp Information Disclosure Vulnerability
- Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
- Apache Web Server ETag Header Information Disclosure Weakness
- Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
- 123 Flash Chat Multiple Security Vulnerabilities