Vulnerabilities

CVE-2010-0397

by Fred · 16/03/2010

The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument.

Date published : 2010-03-16

http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

Similar

Tags: Cybersecurity Alert