Unrated severityNVD Advisory· Published Dec 6, 2010· Updated Jun 16, 2026
CVE-2010-4409
CVE-2010-4409
Description
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
70cpe:2.3:a:php:php:*:*:*:*:*:*:*:*+ 69 more
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*range: <=5.3.3
- cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*
- (no CPE)range: <=5.3.3
Patches
Vulnerability mechanics
References
20- svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.cnvdPatch
- svn.php.net/viewvcnvdPatch
- www.kb.cert.org/vuls/id/479900nvdUS Government Resource
- lists.apple.com/archives/security-announce/2011/Mar/msg00006.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.htmlnvd
- lists.opensuse.org/opensuse-updates/2012-01/msg00035.htmlnvd
- secunia.com/advisories/42812nvd
- secunia.com/advisories/47674nvd
- support.apple.com/kb/HT4581nvd
- www.exploit-db.com/exploits/15722nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.php.net/ChangeLog-5.phpnvd
- www.securityfocus.com/archive/1/515142/100/0/threadednvd
- www.securityfocus.com/bid/45119nvd
- www.ubuntu.com/usn/USN-1042-1nvd
- www.vupen.com/english/advisories/2011/0020nvd
- www.vupen.com/english/advisories/2011/0021nvd
- www.vupen.com/english/advisories/2011/0077nvd
News mentions
0No linked articles in our index yet.