Описание
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 5.1.2-1ubuntu3.20 |
| devel | released | 5.3.3-1ubuntu12 |
| hardy | released | 5.2.4-2ubuntu5.13 |
| karmic | released | 5.2.10.dfsg.1-2ubuntu6.6 |
| lucid | released | 5.3.2-1ubuntu4.6 |
| maverick | released | 5.3.3-1ubuntu9.2 |
| upstream | released | 5.2.17 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 ...
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
EPSS
5 Medium
CVSS2