// For flags

CVE-2008-3659

 

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via the delimiter argument to the explode function. NOTE: the scope of this issue is limited since most applications would not use an attacker-controlled delimiter, but local attacks against safe_mode are feasible.

Un desbordamiento de búfer en la función memnstr en versiones de PHP 4.4.x anteriores a 4.4.9 y en PHP 5.6 permite a atacantes provocar una denegación de servicio (con caida de la aplicación) y posiblemente ejecutar código arbitrario a través del argumento delimiter de la función a explotar. NOTA: el alcance de esta cuestión es limitado, ya que la mayoría de las aplicaciones no usan un delimitador controlado por un atacante, pero los ataques locales contra los safe_mode son viables.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-08-12 CVE Reserved
  • 2008-08-15 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (33)
URL Tag Source
http://bugs.gentoo.org/show_bug.cgi?id=234102 X_refsource_confirm
http://news.php.net/php.cvs/52002 X_refsource_confirm
http://osvdb.org/47483 Vdb Entry
http://secunia.com/advisories/31982 Third Party Advisory
http://secunia.com/advisories/32148 Third Party Advisory
http://secunia.com/advisories/32316 Third Party Advisory
http://secunia.com/advisories/32746 Third Party Advisory
http://secunia.com/advisories/35074 Third Party Advisory
http://secunia.com/advisories/35650 Third Party Advisory
http://support.apple.com/kb/HT3549 X_refsource_confirm
http://wiki.rpath.com/Advisories:rPSA-2009-0035 X_refsource_confirm
http://www.openwall.com/lists/oss-security/2008/08/08/2 Mailing List
http://www.openwall.com/lists/oss-security/2008/08/08/3 Mailing List
http://www.openwall.com/lists/oss-security/2008/08/08/4 Mailing List
http://www.openwall.com/lists/oss-security/2008/08/13/8 Mailing List
http://www.securityfocus.com/archive/1/501376/100/0/threaded Mailing List
http://www.securitytracker.com/id?1020995 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA09-133A.html Third Party Advisory
http://www.vupen.com/english/advisories/2008/2336 Vdb Entry
http://www.vupen.com/english/advisories/2009/1297 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/44405 Vdb Entry
URL Date SRC
URL Date SRC
http://www.php.net/archive/2008.php#id2008-08-07-1 2018-10-11
URL Date SRC
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html 2018-10-11
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html 2018-10-11
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html 2018-10-11
http://marc.info/?l=bugtraq&m=124654546101607&w=2 2018-10-11
http://marc.info/?l=bugtraq&m=125631037611762&w=2 2018-10-11
http://security.gentoo.org/glsa/glsa-200811-05.xml 2018-10-11
http://www.debian.org/security/2008/dsa-1647 2018-10-11
http://www.mandriva.com/security/advisories?name=MDVSA-2009:021 2018-10-11
http://www.mandriva.com/security/advisories?name=MDVSA-2009:022 2018-10-11
http://www.mandriva.com/security/advisories?name=MDVSA-2009:023 2018-10-11
http://www.mandriva.com/security/advisories?name=MDVSA-2009:024 2018-10-11
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 4.4.0
Search vendor "Php" for product "Php" and version "4.4.0"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 4.4.1
Search vendor "Php" for product "Php" and version "4.4.1"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 4.4.2
Search vendor "Php" for product "Php" and version "4.4.2"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 4.4.3
Search vendor "Php" for product "Php" and version "4.4.3"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 4.4.4
Search vendor "Php" for product "Php" and version "4.4.4"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 4.4.5
Search vendor "Php" for product "Php" and version "4.4.5"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 4.4.6
Search vendor "Php" for product "Php" and version "4.4.6"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 4.4.7
Search vendor "Php" for product "Php" and version "4.4.7"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 4.4.8
Search vendor "Php" for product "Php" and version "4.4.8"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 5.2.0
Search vendor "Php" for product "Php" and version "5.2.0"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 5.2.1
Search vendor "Php" for product "Php" and version "5.2.1"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 5.2.2
Search vendor "Php" for product "Php" and version "5.2.2"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 5.2.3
Search vendor "Php" for product "Php" and version "5.2.3"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 5.2.4
Search vendor "Php" for product "Php" and version "5.2.4"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 5.2.5
Search vendor "Php" for product "Php" and version "5.2.5"
-
Affected
Php
Search vendor "Php"
 Php
Search vendor "Php" for product "Php"
 5.2.6
Search vendor "Php" for product "Php" and version "5.2.6"
-
Affected