Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string data, as demonstrated by the define function in zend_builtin_functions.c, and unspecified functions in ext/soap/php_sdl.c, ext/standard/syslog.c, ext/standard/browscap.c, ext/oci8/oci8.c, ext/com_dotnet/com_typeinfo.c, and main/php_open_temporary_file.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.053
EPSS Ranking 89.6%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2011-4153
  • Php » Php » Version: 5.3.8
    cpe:2.3:a:php:php:5.3.8


Products
Pricing
Contact Us

Shodan ® - All rights reserved