PHP 'php_dechunk()' HTTP Chunked Encoding Integer Overflow Vulnerability Network Vulnerability

Summary

PHP is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the PHP process. Failed exploit attempts will result in a denial-of-service condition. PHP 5.3.0 through 5.3.2 are vulnerable other versions may also be affected.

References

http://php-security.org/2010/05/02/mops-2010-003-php-dechunk-filter-signed-comparison-vulnerability/index.html
http://www.php.net
http://www.securityfocus.com/bid/39877

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1866

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Assesi 'bg' Parameter SQL Injection vulnerability
Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
Allegro RomPager `Misfortune Cookie` Vulnerability
Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
Arkeia Appliance Path Traversal Vulnerability

Take action and discover your vulnerabilities