Описание
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 5.1.2-1ubuntu3.22 |
| devel | not-affected | 5.3.5-1ubuntu7.2 |
| hardy | released | 5.2.4-2ubuntu5.15 |
| karmic | released | 5.2.10.dfsg.1-2ubuntu6.9 |
| lucid | released | 5.3.2-1ubuntu4.8 |
| maverick | released | 5.3.3-1ubuntu9.4 |
| natty | released | 5.3.5-1ubuntu7.1 |
| upstream | released | 5.3.6 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls.
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls.
Integer signedness error in zip_stream.c in the Zip extension in PHP b ...
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls.
EPSS
4.3 Medium
CVSS2