Vulnerability Note VU#479900
PHP getSymbol vulnerability allows denial of service
PHP fails to properly sanitize input passed to the getSymbol function in a way that could allow and attacker to cause a segmentation fault.
PHP is a scripting language that is designed for web-based applications and can be embedded directly into HTML.
A remote attacker could cause a segmentation fault in PHP, leading to a denial of service.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|The PHP Group||Affected||-||30 Nov 2010|
CVSS Metrics (Learn More)
Thanks to Maksymilian Arciemowicz for reporting this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: Unknown
- Date Public: 19 Nov 2010
- Date First Published: 30 Nov 2010
- Date Last Updated: 30 Nov 2010
- Severity Metric: 5.04
- Document Revision: 9
If you have feedback, comments, or additional information about this vulnerability, please send us email.