{"vuid":"VU#479900","idnumber":"479900","name":"PHP getSymbol vulnerability allows denial of service","keywords":["PHP","getSymbol","NumberFormatter","Integer Overflow","arbitrary code execution"],"overview":"PHP fails to properly sanitize input passed to the getSymbol function in a way that could allow and attacker to cause a segmentation fault.","clean_desc":"PHP is a scripting language that is designed for web-based applications and can be embedded directly into HTML. The getSymbol function in PHP versions prior to 5.3.3 revision 305571 contains an integer overflow vulnerability. For more information about this issue, see the PHP CVS log.","impact":"A remote attacker could cause a segmentation fault in PHP, leading to a denial of service.","resolution":"Upgrade PHP 5.3.3 revision 305571 was released to address this vulnerability.","workarounds":"","sysaffected":"","thanks":"Thanks to Maksymilian Arciemowicz for reporting this vulnerability.","author":"This document was written by Michael Orlando.","public":["h","t","t","p",":","/","/","s","v","n",".","p","h","p",".","n","e","t","/","v","i","e","w","v","c","?","v","i","e","w","=","r","e","v","i","s","i","o","n","&","r","e","v","i","s","i","o","n","=","3","0","5","5","7","1"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2010-11-22T20:12:41Z","publicdate":"2010-11-19T00:00:00Z","datefirstpublished":"2010-11-30T20:28:43Z","dateupdated":"2010-11-30T20:28:44Z","revision":9,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"17","cam_population":"10","cam_impact":"3","cam_easeofexploitation":"14","cam_attackeraccessrequired":"20","cam_scorecurrent":"5.04","cam_scorecurrentwidelyknown":"5.8275","cam_scorecurrentwidelyknownexploited":"8.9775","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":5.04,"vulnote":null}