Unrated severityNVD Advisory· Published Nov 9, 2010· Updated Jun 16, 2026
CVE-2010-3709
CVE-2010-3709
Description
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 4 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
- osv-coords3 versionspkg:rpm/opensuse/php5&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php7&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php8&distro=openSUSE%20Tumbleweed
< 5.6.28-1.1+ 2 more
- (no CPE)range: < 5.6.28-1.1
- (no CPE)range: < 7.0.14-1.4
- (no CPE)range: < 8.0.11-1.1
Patches
Vulnerability mechanics
References
26- svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.cnvdPatchVendor Advisory
- svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.cnvdPatchVendor Advisory
- www.exploit-db.com/exploits/15431nvdExploitThird Party AdvisoryVDB Entry
- lists.apple.com/archives/security-announce/2011/Mar/msg00006.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.htmlnvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- securityreason.com/achievement_securityalert/90nvdThird Party Advisory
- slackware.com/security/viewer.phpnvdThird Party Advisory
- support.apple.com/kb/HT4581nvdThird Party Advisory
- www.php.net/ChangeLog-5.phpnvdVendor Advisory
- www.php.net/archive/2010.phpnvdVendor Advisory
- www.php.net/releases/5_2_15.phpnvdVendor Advisory
- www.php.net/releases/5_3_4.phpnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2011-0195.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/44718nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1042-1nvdThird Party Advisory
- secunia.com/advisories/42729nvdBroken Link
- secunia.com/advisories/42812nvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.vupen.com/english/advisories/2010/3313nvdPermissions Required
- www.vupen.com/english/advisories/2011/0020nvdPermissions Required
- www.vupen.com/english/advisories/2011/0021nvdPermissions Required
- www.vupen.com/english/advisories/2011/0077nvdPermissions Required
News mentions
0No linked articles in our index yet.