CVE-2010-4699 (GCVE-0-2010-4699)
Vulnerability from cvelistv5 – Published: 2011-01-18 19:00 – Updated: 2024-08-07 03:55
VLAI
Summary
The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://coding.derkeiler.com/Archive/PHP/php.gener… | mailing-listx_refsource_MLIST |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.php.net/ChangeLog-5.php | x_refsource_CONFIRM |
| http://bugs.php.net/52941 | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2010-12-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:34.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[php-general] 20070410 Decoding from unknown charsets (inc. ks_c_5601-1987)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html"
},
{
"name": "oval:org.mitre.oval:def:12393",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12393"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.php.net/52941"
},
{
"name": "php-iconvmimedecodeheaders-sec-bypass(64963)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64963"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[php-general] 20070410 Decoding from unknown charsets (inc. ks_c_5601-1987)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html"
},
{
"name": "oval:org.mitre.oval:def:12393",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12393"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.php.net/52941"
},
{
"name": "php-iconvmimedecodeheaders-sec-bypass(64963)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64963"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[php-general] 20070410 Decoding from unknown charsets (inc. ks_c_5601-1987)",
"refsource": "MLIST",
"url": "http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html"
},
{
"name": "oval:org.mitre.oval:def:12393",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12393"
},
{
"name": "http://www.php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"name": "http://bugs.php.net/52941",
"refsource": "CONFIRM",
"url": "http://bugs.php.net/52941"
},
{
"name": "php-iconvmimedecodeheaders-sec-bypass(64963)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64963"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4699",
"datePublished": "2011-01-18T19:00:00.000Z",
"dateReserved": "2011-01-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:55:34.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2010-4699",
"date": "2026-06-05",
"epss": "0.00155",
"percentile": "0.36075"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2010-4699\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-01-18T20:00:10.783\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n iconv_mime_decode_headers en la extensi\u00f3n Iconv para PHP anterior a v5.3.4 no controla adecuadamente las codificaciones que no son reconocidas por las implementaciones iconv y mbstring (tambi\u00e9n conocido como cadena multibyte), lo que permite a atacantes remotos provocar una matriz de salida incompleta, y posiblemente evitar la detecci\u00f3n de spam o tener un impacto no especificado, a trav\u00e9s de una cabecera \\\"Asunto\\\" manipulada en un mensaje de correo electr\u00f3nico, como lo demuestra el conjunto de caracteres ks_c_5601-1987.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.3.3\",\"matchCriteriaId\":\"8DBECF81-14F2-419F-9910-C86CA83328EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92647629-083F-4042-8365-4AD2EBC9C1BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83BE1120-6370-4470-8586-6581EDF3FD69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"245C601D-0FE7-47E3-8304-6FF45E9567D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"691BB8BB-329A-4640-B758-7590C99B5E42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2BC4CCE-2774-463E-82EA-36CD442D3A7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C478024C-2FCD-463F-A75E-E04660AA9DF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5BD99C0-E875-496E-BE5E-A8DCBD414B5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1851ADE5-C70C-46E0-941A-6ADF7DB5C126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69DA3BA2-AF53-4C9D-93FA-0317841595B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67B59D6A-7EDA-4C34-81D6-C2557C85D164\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEBA40B6-8FDF-41AA-8166-F491FF7F3118\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E74E2B72-A428-4BB3-B6F8-0AF5E487A807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"945FF149-3446-4905-BCA1-C397E3497B58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E446DBD-FEFA-4D22-9C9D-51F61C01E414\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C8DE728-78E1-4F9F-BC56-CD9B10E61287\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E31CC6-9356-4BB7-9F49-320AAF341E1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3E7199-8FB7-4930-9C0A-A36A698940B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDBEC461-D553-41B7-8D85-20B6A933C21C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEEF2298-98E8-409F-9205-84817CEF947B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AFC00BA-D64D-4407-AC69-FDD9FF013943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D80F2A8B-B57F-4970-867A-55E8187C1502\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"49965B80-DC27-4864-BDF0-CBBFF16BFD80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF57C14-86B6-419A-BAFF-93D01CB1E081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78BAA18C-E5A0-4210-B64B-709BBFF31EEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13A159B4-B847-47DE-B7F8-89384E6C551B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B59616-A309-40B4-94B1-50A7BC00E35C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F39A1B1-416E-4436-8007-733B66904A14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2E5F96-66D2-4F99-A74D-6A2305EE218E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D724D09-0D45-4701-93C9-348301217C8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6713614A-B14E-4A85-BF89-ED780068FC68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD95F8EB-B428-4B3C-9254-A5DECE03A989\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"069EB7EE-06B9-454F-9007-8DE5DCA33C53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18BF5BE6-09EA-45AD-93BF-2BEF1742534E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC1460DF-1687-4314-BF1A-01290B20302D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"470380B0-3982-48FC-871B-C8B43C81900D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63190D9B-7958-4B93-87C6-E7D5A572F6DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AAF4586-74FF-47C6-864B-656FDF3F33D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5245F990-B4A7-4ED8-909D-B8137CE79FAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5652D5B0-68E4-4239-B9B7-599AFCF4C53E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B71BB7-5239-4860-9100-8CABC3992D8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72BD447A-4EED-482C-8F61-48FAD4FCF8BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3F9DF9D-15E5-4387-ABE3-A7583331A928\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11579E5C-D7CF-46EE-B015-5F4185C174E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C69CDE21-2FD4-4529-8F02-8709CF5E3D7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"221B9AC4-C63C-4386-B3BD-E4BC102C6124\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BEA491B-77FD-4760-8F6F-3EBC6BD810D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB25CFBB-347C-479E-8853-F49DD6CBD7D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D2937B3-D034-400E-84F5-33833CE3764D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71AEE8B4-FCF8-483B-8D4C-2E80A02E925E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C2AF1D9-33B6-4B2C-9269-426B6B720164\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84B70263-37AA-4539-A286-12038A3792C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E46E4B4-808C-4B47-81D9-EC2B02A5E57B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FF30D7F-353B-4496-9A89-4EF2BB279E0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD97DF34-35AB-4979-96E2-B23DC8556A79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7007E77F-60EF-44D8-9676-15B59DF1325F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E727CECE-E452-489A-A42F-5A069D6AF80E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"149A1FB8-593E-412B-8E1C-3E560301D500\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FC144FA-8F84-44C0-B263-B639FEAD20FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"295907B4-C3DE-4021-BE3B-A8826D4379E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B881352D-954E-4FC0-9E42-93D02A3F3089\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17437AED-816A-4CCF-96DE-8C3D0CC8DB2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74E7AE59-1CB0-4300-BBE0-109F909789EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9222821E-370F-4616-B787-CC22C2F4E7CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9809449F-9A76-4318-B233-B4C2950A6EA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA962D4-A4EC-4DC3-B8A9-D10941B92781\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8CDFEF9-C367-4800-8A2F-375C261FAE55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16E43B88-1563-4EFD-9267-AE3E8C35D67A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11E5715F-A8BC-49EF-836B-BB78E1BC0790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FA68843-158E-463E-B68A-1ACF041C4E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1874F637-77E2-4C4A-BF92-AEE96A60BFB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9592B32E-55CD-42D0-901E-8319823BC820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9BF34B5-F74C-4D56-9841-42452D60CB87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD02D837-FD28-4E0F-93F8-25E8D1C84A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88358D1E-BE6F-4CE3-A522-83D1FA4739E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86767200-6C9C-4C3E-B111-0E5BE61E197B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B00B416D-FF23-4C76-8751-26D305F0FA0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*\",\"matchCriteriaId\":\"F526115E-A68E-4B10-AA6A-9CD26CB81AF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCB6CDDD-70D3-4004-BCE0-8C4723076103\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A782CA26-9C38-40A8-92AE-D47B14D2FCE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0892C89E-9389-4452-B7E0-981A763CD426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635F3CB1-B042-43CC-91AB-746098018D8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1F32DDF-17A3-45B5-9227-833EBEBD3923\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CDFB7E9-8510-430F-BFBC-FD811D60DC78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79D5336A-14AA-483E-9CBE-A7B53120B925\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AADA875-E0EA-483A-A07E-2914FE969972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D48A71-B84E-4B6C-9603-B3373052E568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAAB7D55-F155-43F9-A563-F2E35CFFEF26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72243A3F-6BFD-472B-9EA4-82BE4253ED27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E415CC22-09CA-47D2-9F1A-0BCA8960835B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EF4B938-BB14-4C06-BEE9-10CA755C5DEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"981C922C-7A7D-473E-8C43-03AB62FB5B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63\"}]}]}],\"references\":[{\"url\":\"http://bugs.php.net/52941\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.php.net/ChangeLog-5.php\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64963\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12393\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.php.net/52941\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.php.net/ChangeLog-5.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64963\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12393\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…