CVE-2010-4409

Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.

Affected Software

Name	Vendor	Start Version	End Version
Php	Php	*	5.3.3 (including)
Php	Php	1.0 (including)	1.0 (including)
Php	Php	2.0 (including)	2.0 (including)
Php	Php	2.0b10 (including)	2.0b10 (including)
Php	Php	3.0 (including)	3.0 (including)
Php	Php	3.0.1 (including)	3.0.1 (including)
Php	Php	3.0.2 (including)	3.0.2 (including)
Php	Php	3.0.3 (including)	3.0.3 (including)
Php	Php	3.0.4 (including)	3.0.4 (including)
Php	Php	3.0.5 (including)	3.0.5 (including)
Php	Php	3.0.6 (including)	3.0.6 (including)
Php	Php	3.0.7 (including)	3.0.7 (including)
Php	Php	3.0.8 (including)	3.0.8 (including)
Php	Php	3.0.9 (including)	3.0.9 (including)
Php	Php	3.0.10 (including)	3.0.10 (including)
Php	Php	3.0.11 (including)	3.0.11 (including)
Php	Php	3.0.12 (including)	3.0.12 (including)
Php	Php	3.0.13 (including)	3.0.13 (including)
Php	Php	3.0.14 (including)	3.0.14 (including)
Php	Php	3.0.15 (including)	3.0.15 (including)
Php	Php	3.0.16 (including)	3.0.16 (including)
Php	Php	3.0.17 (including)	3.0.17 (including)
Php	Php	3.0.18 (including)	3.0.18 (including)
Php	Php	4.0 (including)	4.0 (including)
Php	Php	4.0-beta_4_patch1 (including)	4.0-beta_4_patch1 (including)
Php	Php	4.0-beta1 (including)	4.0-beta1 (including)
Php	Php	4.0-beta2 (including)	4.0-beta2 (including)
Php	Php	4.0-beta3 (including)	4.0-beta3 (including)
Php	Php	4.0-beta4 (including)	4.0-beta4 (including)
Php	Php	4.0.0 (including)	4.0.0 (including)
Php	Php	4.0.1 (including)	4.0.1 (including)
Php	Php	4.0.2 (including)	4.0.2 (including)
Php	Php	4.0.3 (including)	4.0.3 (including)
Php	Php	4.0.4 (including)	4.0.4 (including)
Php	Php	4.0.5 (including)	4.0.5 (including)
Php	Php	4.0.6 (including)	4.0.6 (including)
Php	Php	4.0.7 (including)	4.0.7 (including)
Php	Php	4.1.0 (including)	4.1.0 (including)
Php	Php	4.1.1 (including)	4.1.1 (including)
Php	Php	4.1.2 (including)	4.1.2 (including)
Php	Php	4.2.0 (including)	4.2.0 (including)
Php	Php	4.2.1 (including)	4.2.1 (including)
Php	Php	4.2.2 (including)	4.2.2 (including)
Php	Php	4.2.3 (including)	4.2.3 (including)
Php	Php	4.3.0 (including)	4.3.0 (including)
Php	Php	4.3.1 (including)	4.3.1 (including)
Php	Php	4.3.2 (including)	4.3.2 (including)
Php	Php	4.3.3 (including)	4.3.3 (including)
Php	Php	4.3.4 (including)	4.3.4 (including)
Php	Php	4.3.5 (including)	4.3.5 (including)
Php	Php	4.3.6 (including)	4.3.6 (including)
Php	Php	4.3.7 (including)	4.3.7 (including)
Php	Php	4.3.8 (including)	4.3.8 (including)
Php	Php	4.3.9 (including)	4.3.9 (including)
Php	Php	4.3.10 (including)	4.3.10 (including)
Php	Php	4.3.11 (including)	4.3.11 (including)
Php	Php	4.4.0 (including)	4.4.0 (including)
Php	Php	4.4.1 (including)	4.4.1 (including)
Php	Php	4.4.2 (including)	4.4.2 (including)
Php	Php	4.4.3 (including)	4.4.3 (including)
Php	Php	4.4.4 (including)	4.4.4 (including)
Php	Php	4.4.5 (including)	4.4.5 (including)
Php	Php	4.4.6 (including)	4.4.6 (including)
Php	Php	4.4.7 (including)	4.4.7 (including)
Php	Php	4.4.8 (including)	4.4.8 (including)
Php	Php	4.4.9 (including)	4.4.9 (including)
Php	Php	5.3.0 (including)	5.3.0 (including)
Php	Php	5.3.1 (including)	5.3.1 (including)
Php	Php	5.3.2 (including)	5.3.2 (including)
Php5	Ubuntu	lucid	*
Php5	Ubuntu	maverick	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-4409
CWE	https://cwe.mitre.org/data/definitions/189.html

Affected Software

References