Vulnerability CVE-2010-3710: Information

Description

Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string.

Severity: MEDIUM (4.3)

URL: https://nvd.nist.gov/vuln/detail/CVE-2010-3710

Published: Oct. 26, 2010

Modified: Aug. 23, 2016

Error type identifier: CWE-399

References to Advisories, Solutions, and Tools

Hyperlink	Resource
http://bugs.php.net/bug.php?id=52929	Exploit
MDVSA-2010:218
ADV-2011-0020
FEDORA-2010-18976
FEDORA-2010-19011
SUSE-SR:2010:023
http://www.php.net/archive/2010.php#id2010-12-10-1
USN-1042-1
ADV-2011-0021
43926
http://www.php.net/releases/5_2_15.php
ADV-2011-0077
42812
http://www.php.net/releases/5_3_4.php
http://www.php.net/ChangeLog-5.php
43189
RHSA-2011:0196
http://support.apple.com/kb/HT4581
APPLE-SA-2011-03-21-1
SSRT100826

Affected configurations:
1. Configuration 1
  cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
  cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*

Version: v24.5.0

Vulnerability CVE-2010-3710: Information

Description

References to Advisories, Solutions, and Tools

Configuration 1