{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-16T00:00:00", "descriptions": [{"lang": "en", "value": "The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "20110216 PHP 5.3.5 grapheme_extract() NULL Pointer Dereference", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/516504/100/0/threaded"}, {"name": "DSA-2266", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2266"}, {"name": "VU#210829", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/210829"}, {"name": "46429", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46429"}, {"name": "8087", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8087"}, {"name": "16182", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/16182"}, {"name": "APPLE-SA-2011-10-12-3", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"}, {"name": "php-graphemeextract-dos(65437)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65437"}, {"name": "20110217 Re: PHP 5.3.5 grapheme_extract() NULL Pointer Dereference", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/516518/100/0/threaded"}, {"name": "20110217 PHP 5.3.5 grapheme_extract() NULL Pointer Dereference", "tags": ["third-party-advisory", "x_refsource_SREASONRES"], "url": "http://securityreason.com/achievement_securityalert/94"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT5002"}, {"tags": ["x_refsource_MISC"], "url": "http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/grapheme/grapheme_string.c?r1=306449&r2=306448&pathrev=306449"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2011-0420", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20110216 PHP 5.3.5 grapheme_extract() NULL Pointer Dereference", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516504/100/0/threaded"}, {"name": "DSA-2266", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2011/dsa-2266"}, {"name": "VU#210829", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/210829"}, {"name": "46429", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46429"}, {"name": "8087", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8087"}, {"name": "16182", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/16182"}, {"name": "APPLE-SA-2011-10-12-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"}, {"name": "php-graphemeextract-dos(65437)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65437"}, {"name": "20110217 Re: PHP 5.3.5 grapheme_extract() NULL Pointer Dereference", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516518/100/0/threaded"}, {"name": "20110217 PHP 5.3.5 grapheme_extract() NULL Pointer Dereference", "refsource": "SREASONRES", "url": "http://securityreason.com/achievement_securityalert/94"}, {"name": "http://support.apple.com/kb/HT5002", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT5002"}, {"name": "http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/grapheme/grapheme_string.c?r1=306449&r2=306448&pathrev=306449", "refsource": "MISC", "url": "http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/grapheme/grapheme_string.c?r1=306449&r2=306448&pathrev=306449"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:51:08.941Z"}, "title": "CVE Program Container", "references": [{"name": "20110216 PHP 5.3.5 grapheme_extract() NULL Pointer Dereference", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/516504/100/0/threaded"}, {"name": "DSA-2266", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2266"}, {"name": "VU#210829", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/210829"}, {"name": "46429", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46429"}, {"name": "8087", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8087"}, {"name": "16182", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/16182"}, {"name": "APPLE-SA-2011-10-12-3", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"}, {"name": "php-graphemeextract-dos(65437)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65437"}, {"name": "20110217 Re: PHP 5.3.5 grapheme_extract() NULL Pointer Dereference", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/516518/100/0/threaded"}, {"name": "20110217 PHP 5.3.5 grapheme_extract() NULL Pointer Dereference", "tags": ["third-party-advisory", "x_refsource_SREASONRES", "x_transferred"], "url": "http://securityreason.com/achievement_securityalert/94"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT5002"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/grapheme/grapheme_string.c?r1=306449&r2=306448&pathrev=306449"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2011-0420", "datePublished": "2011-02-18T23:00:00", "dateReserved": "2011-01-11T00:00:00", "dateUpdated": "2024-08-06T21:51:08.941Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference."}, {"lang": "es", "value": "La funci\u00f3n grapheme_extract en la extensi\u00f3n de Internacionalizaci\u00f3n (Intl) para ICU para PHP v5.3.5 permite provocar una denegaci\u00f3n de servicio (con ca\u00edda de la aplicaci\u00f3n) a atacantes dependientes del contexto a trav\u00e9s de un argumento de tama\u00f1o no v\u00e1lido, lo que provoca una desreferencia de puntero NULL."}], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n'CWE-476: NULL Pointer Dereference'", "id": "CVE-2011-0420", "lastModified": "2018-10-10T20:09:47.890", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-02-19T01:00:02.933", "references": [{"source": "cret@cert.org", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"}, {"source": "cret@cert.org", "tags": ["Exploit"], "url": "http://securityreason.com/achievement_securityalert/94"}, {"source": "cret@cert.org", "url": "http://securityreason.com/securityalert/8087"}, {"source": "cret@cert.org", "url": "http://support.apple.com/kb/HT5002"}, {"source": "cret@cert.org", "tags": ["Patch"], "url": "http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/grapheme/grapheme_string.c?r1=306449&r2=306448&pathrev=306449"}, {"source": "cret@cert.org", "url": "http://www.debian.org/security/2011/dsa-2266"}, {"source": "cret@cert.org", "url": "http://www.exploit-db.com/exploits/16182"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/210829"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/516504/100/0/threaded"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/516518/100/0/threaded"}, {"source": "cret@cert.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/46429"}, {"source": "cret@cert.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65437"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "php: missing $size checks in grapheme_extract()", "id": "678885", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678885"}, "csaw": false, "cvss": {"cvss_base_score": "2.6", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "status": "draft"}, "details": ["The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference."], "name": "CVE-2011-0420", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:3", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 3"}, {"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "php53", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2011-02-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-0420\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-0420"], "statement": "Red Hat does not consider this flaw to be a security issue. The size argument of the grapheme_extract function is unlikely to from an untrusted source unfiltered, therefore the value passed to the function is under the the full control of the script author and no trust boundary is crossed."}