CVE-2010-0397
PHP 5.3.2 'xmlrpc' Extension - Multiple Remote Denial of Service Vulnerabilities
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument.
La extensión xmlrpc en PHP v5.3.1 no maneja adecuadamente el elemento methodName perdido en el primer argumento de la función xmlrpc_decode, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (puntero de dereferencia nulo y caída de aplicación) y probablemente tener otro impacto no especificado a través de un argumento manipulado.
This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible resource destruction issues in shm_put_var(). Fixed a possible information leak because of interruption of XOR operator. Fixed a possible memory corruption because of unexpected call-time pass by reference and following memory clobbering through callbacks. Fixed a possible memory corruption in ArrayObject::uasort(). Fixed a possible memory corruption in parse_str(). Fixed a possible memory corruption in pack(). Fixed a possible memory corruption in substr_replace(). Fixed a possible memory corruption in addcslashes(). Fixed a possible stack exhaustion inside fnmatch(). Fixed a possible dechunking filter buffer overflow. Fixed a possible arbitrary memory access inside sqlite extension. Fixed string format validation inside phar extension. Fixed handling of session variable serialization on certain prefix characters. Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed SplObjectStorage unserialization problems. Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third party extensions and required dependencies has been upgraded and/or rebuilt for the new php version.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-01-27 CVE Reserved
- 2010-03-16 CVE Published
- 2014-06-14 First Exploit
- 2024-08-07 CVE Updated
- 2025-07-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (18)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/42410 | Third Party Advisory | |
| http://support.apple.com/kb/HT4312 | X_refsource_confirm |
|
| http://support.apple.com/kb/HT4435 | X_refsource_confirm |
|
| http://www.vupen.com/english/advisories/2010/0724 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2010/3081 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/33755 | 2014-06-14 | |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573 | 2024-08-07 | |
| http://www.openwall.com/lists/oss-security/2010/03/12/5 | 2024-08-07 | |
| http://www.securityfocus.com/bid/38708 | 2024-08-07 |
| URL | Date | SRC |
|---|