CVE-2010-4657
Published: 13 November 2019
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.
Notes
Author | Note |
---|---|
jdstrand | per Debian, This was initially reported to be a bug in libxml2, but it later showed that PHP |
mdeslaur | can't reproduce on quantal+ The reproducer only displays garbage if the suhosin patch is applied, which is why it doesn't appear to work on quantal+ Need to check if libxml2 still walks past the end of the string if the suhosin patch isn't applied. we will not be fixing this issue |
Priority
Status
Package | Release | Status |
---|---|---|
php5 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Ignored
|
|
quantal |
Not vulnerable
(5.4.6-1ubuntu1.1)
|
|
raring |
Not vulnerable
(5.4.9-4ubuntu1)
|
|
saucy |
Not vulnerable
(5.4.9-4ubuntu1)
|
|
trusty |
Not vulnerable
(5.4.9-4ubuntu1)
|
|
upstream |
Needs triage
|
|
utopic |
Not vulnerable
(5.4.9-4ubuntu1)
|
|
vivid |
Not vulnerable
(5.4.9-4ubuntu1)
|
|
wily |
Not vulnerable
(5.4.9-4ubuntu1)
|
|
xenial |
Does not exist
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |