MDVSA-2010:255
- Package name
- php-intl
- Date
- 2010-12-15
- Advisory ID
- MDVSA-2010:255
- Affected versions
- MES5 i586 , MES5 x86_64
Problem description
A vulnerability was discovered and corrected in php-intl:
Integer overflow in the NumberFormatter::getSymbol (aka
numfmt_get_symbol) function in PHP 5.3.3 and earlier allows
context-dependent attackers to cause a denial of service (application
crash) via an invalid argument (CVE-2010-4409).
The updated packages have been upgraded to php-intl-1.1.2 and patched
to correct this issue.
Updated packages
MES5 i586
e4150c29c342b12bf02f802692c3e9af mes5/i586/php-intl-1.1.2-0.1mdvmes5.1.i586.rpm cf1acac56b390efc3b731307a8d5b139 mes5/SRPMS/php-intl-1.1.2-0.1mdvmes5.1.src.rpm
MES5 x86_64
0c5c740e3a0596ba5223de67e4219f58 mes5/x86_64/php-intl-1.1.2-0.1mdvmes5.1.x86_64.rpm cf1acac56b390efc3b731307a8d5b139 mes5/SRPMS/php-intl-1.1.2-0.1mdvmes5.1.src.rpm