Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2011-3182

PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function.

  • Published: Aug 25, 2011
  • Updated: Apr 13, 2023
  • CVE: CVE-2011-3182
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Software From Fixed in
php / php 4.3.9 4.3.9.x
php / php 4.4.9 4.4.9.x
php / php 3.0 3.0.x
php / php 5.2.9 5.2.9.x
php / php 4.0-beta1 4.0-beta1.x
php / php 3.0.5 3.0.5.x
php / php 3.0.11 3.0.11.x
php / php 5.1.5 5.1.5.x
php / php 5.1.2 5.1.2.x
php / php 4.0-beta4 4.0-beta4.x
php / php 5.3.1 5.3.1.x
php / php 4.2.0 4.2.0.x
php / php 5.1.1 5.1.1.x
php / php 3.0.1 3.0.1.x
php / php 5.2.14 5.2.14.x
php / php 3.0.2 3.0.2.x
php / php 4.4.4 4.4.4.x
php / php 5.0.0-beta1 5.0.0-beta1.x
php / php 4.1.0 4.1.0.x
php / php 5.1.6 5.1.6.x
php / php 4.3.4 4.3.4.x
php / php 4.0.4 4.0.4.x
php / php 4.3.0 4.3.0.x
php / php 4.0.5 4.0.5.x
php / php 5.2.2 5.2.2.x
php / php 3.0.8 3.0.8.x
php / php 5.0.5 5.0.5.x
php / php 4.3.6 4.3.6.x
php / php 3.0.13 3.0.13.x
php / php 5.0.1 5.0.1.x
php / php 5.1.4 5.1.4.x
php / php 5.2.5 5.2.5.x
php / php 4.3.7 4.3.7.x
php / php 5.0.4 5.0.4.x
php / php 4.2.2 4.2.2.x
php / php 4.4.2 4.4.2.x
php / php 5.2.12 5.2.12.x
php / php 3.0.7 3.0.7.x
php / php 4.3.2 4.3.2.x
php / php 4.3.11 4.3.11.x
php / php 4.0.0 4.0.0.x
php / php 3.0.6 3.0.6.x
php / php 3.0.17 3.0.17.x
php / php 4.0.7 4.0.7.x
php / php 4.0.2 4.0.2.x
php / php 4.3.3 4.3.3.x
php / php 2.0 2.0.x
php / php 4.1.1 4.1.1.x
php / php 3.0.15 3.0.15.x
php / php 3.0.16 3.0.16.x
php / php 5.2.11 5.2.11.x
php / php 5.2.6 5.2.6.x
php / php 5.3.0 5.3.0.x
php / php 4.4.3 4.4.3.x
php / php 5.0.0-rc2 5.0.0-rc2.x
php / php 5.2.3 5.2.3.x
php / php 5.3.3 5.3.3.x
php / php 5.0.3 5.0.3.x
php / php 3.0.10 3.0.10.x
php / php 3.0.4 3.0.4.x
php / php 4.2.3 4.2.3.x
php / php 5.1.0 5.1.0.x
php / php 4.4.5 4.4.5.x
php / php 5.2.13 5.2.13.x
php / php 5.0.0-rc3 5.0.0-rc3.x
php / php 4.0-beta2 4.0-beta2.x
php / php 2.0b10 2.0b10.x
php / php 4.4.8 4.4.8.x
php / php 4.0.6 4.0.6.x
php / php 5.2.0 5.2.0.x
php / php 5.2.4 5.2.4.x
php / php 4.1.2 4.1.2.x
php / php 5.0.0-beta3 5.0.0-beta3.x
php / php 5.3.2 5.3.2.x
php / php 5.3.4 5.3.4.x
php / php 4.3.1 4.3.1.x
php / php 5.1.3 5.1.3.x
php / php 3.0.18 3.0.18.x
php / php 4.0-beta_4_patch1 4.0-beta_4_patch1.x
php / php 4.4.0 4.4.0.x
php / php 5.2.10 5.2.10.x
php / php 4.3.10 4.3.10.x
php / php 4.2.1 4.2.1.x
php / php 5.0.0-rc1 5.0.0-rc1.x
php / php 4.0.1 4.0.1.x
php / php 1.0 1.0.x
php / php 5.0.2 5.0.2.x
php / php 4.4.6 4.4.6.x
php / php 3.0.12 3.0.12.x
php / php 5.3.5 5.3.5.x
php / php - 5.3.6.x
php / php 4.4.1 4.4.1.x
php / php 4.0-beta3 4.0-beta3.x
php / php 5.2.1 5.2.1.x
php / php 4.0.3 4.0.3.x
php / php 3.0.14 3.0.14.x
php / php 3.0.9 3.0.9.x
php / php 3.0.3 3.0.3.x
php / php 5.0.0-beta4 5.0.0-beta4.x
php / php 5.0.0 5.0.0.x
php / php 4.3.8 4.3.8.x
php / php 4.3.5 4.3.5.x
php / php 5.0.0-beta2 5.0.0-beta2.x
php / php 5.2.8 5.2.8.x
php / php 4.4.7 4.4.7.x