FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

php-filter -- Denial of Service

Affected packages
php5-filter < 5.3.4
php52-filter < 5.2.15

Details

VuXML ID c623f058-10e7-11e0-becc-0022156e8794
Discovery 2010-12-13
Entry 2011-01-13

The following DoS condition in filter extension was fixed in PHP 5.3.4 and PHP 5.2.15:

Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string.

References

CVE Name CVE-2010-3710
URL http://www.php.net/releases/5_2_15.php
URL http://www.php.net/releases/5_3_4.php