VYPR
Unrated severityNVD Advisory· Published Mar 16, 2010· Updated Jun 16, 2026

CVE-2010-0397

CVE-2010-0397

Description

The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • PHP/PHP2 versions
    cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*
    • (no CPE)range: 5.3.1

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.