CVE-2010-3709
Publication date 8 November 2010
Last updated 24 July 2024
Ubuntu priority
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
Status
Package | Ubuntu Release | Status |
---|---|---|
php5 | 10.10 maverick |
Fixed 5.3.3-1ubuntu9.2
|
10.04 LTS lucid |
Fixed 5.3.2-1ubuntu4.6
|
|
9.10 karmic |
Fixed 5.2.10.dfsg.1-2ubuntu6.6
|
|
8.04 LTS hardy |
Fixed 5.2.4-2ubuntu5.13
|
|
6.06 LTS dapper |
Not affected
|
Notes
Patch details
Package | Patch details |
---|---|
php5 |
References
Related Ubuntu Security Notices (USN)
- USN-1042-1
- PHP vulnerabilities
- 11 January 2011