CVE-2010-0397

The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument.

Published : 2010-03-16 19:30 Updated : 2010-12-10 06:37

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Php Php 5.3.1 cpe:/a:php:php:5.3.1
  1. Php (1) Search CVE
    1. Php (1) Search CVE
      1. 5.3.1

CWE

There is no CWE for this CVE.

History of changes

Date Event
2010-03-16 19:30

New CVE