Vulnerability Description
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php | Php | >= 5.3.0, <= 5.3.2 |
| Opensuse | Opensuse | 11.1 |
| Suse | Linux Enterprise | 10.0 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.htmlMailing List
- http://php-security.org/2010/05/02/mops-2010-003-php-dechunk-filter-signed-compaBroken LinkExploit
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.htmlMailing List
- http://php-security.org/2010/05/02/mops-2010-003-php-dechunk-filter-signed-compaBroken LinkExploit
FAQ
What is CVE-2010-1866?
CVE-2010-1866 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corrupti...
How severe is CVE-2010-1866?
CVE-2010-1866 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2010-1866?
Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Opensuse Opensuse, Suse Linux Enterprise.