FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-27 12:04:33 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2a41233d-10e7-11e0-becc-0022156e8794	php-zip -- multiple Denial of Service vulnerabilities The following DoS conditions in Zip extension were fixed in PHP 5.3.4 and PHP 5.2.15: Fixed crash in zip extract method (possible CWE-170). The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive. Discovery 2010-12-13 Entry 2011-01-13 php5-zip < 5.3.4 php52-zip < 5.2.15 CVE-2010-3709 http://www.php.net/releases/5_3_4.php http://www.php.net/releases/5_2_15.php http://securityreason.com/achievement_securityalert/90

VuXML ID

Description

2a41233d-10e7-11e0-becc-0022156e8794

php-zip -- multiple Denial of Service vulnerabilities

The following DoS conditions in Zip extension were fixed in PHP 5.3.4 and PHP 5.2.15:

Fixed crash in zip extract method (possible CWE-170).
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.

Discovery 2010-12-13
Entry 2011-01-13
php5-zip

< 5.3.4

php52-zip

< 5.2.15

CVE-2010-3709
http://www.php.net/releases/5_3_4.php
http://www.php.net/releases/5_2_15.php
http://securityreason.com/achievement_securityalert/90