FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-4645

This CVE name corresponds to:

Entered	Topic
2011-01-09	php -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2010-4645 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2010-4645
Phase	Assigned(20110103)

Description

strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.

References

Source	Reference
MLIST	[oss-security] 20110105 Re: possible flaw in widely used strtod.c implementation
MLIST	[oss-security] 20110105 possible flaw in widely used strtod.c implementation
MLIST	[oss-security] 20110106 Re: possible flaw in widely used strtod.c implementation
MISC	http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf
MISC	http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327&r2=307095&pathrev=307095
MISC	http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/
CONFIRM	http://bugs.php.net/53632
CONFIRM	http://support.apple.com/kb/HT5002
APPLE	APPLE-SA-2011-10-12-3
FEDORA	FEDORA-2011-0321
FEDORA	FEDORA-2011-0329
HP	HPSBMU02752
HP	SSRT100802
REDHAT	RHSA-2011:0196
REDHAT	RHSA-2011:0195
SLACKWARE	SSA:2011-010-01
UBUNTU	USN-1042-1
BID	45668
SECUNIA	42843
SECUNIA	42812
SECUNIA	43051
SECUNIA	43189
VUPEN	ADV-2011-0060
VUPEN	ADV-2011-0066
VUPEN	ADV-2011-0077
VUPEN	ADV-2011-0198
XF	php-zendstrtod-dos(64470)