PublicDateAtUSN: 2010-11-08
Candidate: CVE-2010-3709
PublicDate: 2010-11-09 01:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3709
 https://ubuntu.com/security/notices/USN-1042-1
Description:
 The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and
 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of
 service (NULL pointer dereference and application crash) via a crafted ZIP
 archive.
Ubuntu-Description:
Notes:
 mdeslaur> PoC here: http://securityreason.com/achievement_securityalert/90
 sbeattie> dapper version of php does not include zip support
Bugs:
Priority: low
Discovered-by: Maksymilian Arciemowicz
Assigned-to:
CVSS:

Patches_php5:
 upstream: http://svn.php.net/viewvc?view=revision&revision=304505
upstream_php5: needs-triage
dapper_php5: not-affected
hardy_php5: released (5.2.4-2ubuntu5.13)
karmic_php5: released (5.2.10.dfsg.1-2ubuntu6.6)
lucid_php5: released (5.3.2-1ubuntu4.6)
maverick_php5: released (5.3.3-1ubuntu9.2)
devel_php5: not-affected (5.3.5-1ubuntu4)