CVE-2011-1657 in PHPinfo

Summary

The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

04/07/2011

Disclosure

08/25/2011

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-399 (Confirmed)

CVSS

5.3

EPSS

0.10670

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1657
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1657
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1657/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!