Vulnerability Name:

CVE-2010-3870 (CCN-63162)

Assigned:2009-09-27
Published:2009-09-27
Updated:2023-02-13
Summary:The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.4 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Bypass Security
References:Source: secalert@redhat.com
Type: Exploit, Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Exploit, Vendor Advisory
secalert@redhat.com

Source: MITRE
Type: CNA
CVE-2010-3870

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: RHSA-2010-0919
Moderate: php security update

Source: CCN
Type: RHSA-2011-0195
Moderate: php security update

Source: CCN
Type: SA48737
F5 Products PHP Multiple Vulnerabilities

Source: CCN
Type: SECTRACK ID: 1024797
PHP Validation Flaw in utf8_decode() Permits Cross-Site Scripting Attacks and Lets Remote Users Inject SQL Commands

Source: secalert@redhat.com
Type: Exploit, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: Apple Web site
About the security content of Mac OS X v10.6.7 and Security Update 2011-001

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: F5 Web site
Multiple PHP vulnerabilities

Source: CCN
Type: PHP SVN Repository
Revision 304959

Source: secalert@redhat.com
Type: Patch, Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Exploit, Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Exploit, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Exploit, Third Party Advisory
secalert@redhat.com

Source: DEBIAN
Type: DSA-2195
php5 -- several vulnerabilities

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: OSVDB ID: 69227
PHP ext/xml/xml.c xml_utf8_decode Function UTF-8 Encoding Remote Overflow

Source: CCN
Type: OSVDB ID: 69230
PHP utf8_decode Function UTF-8 Encoding / Data Crafted String Protection Mechanism Bypass

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: BID-44605
PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
php-utfdecode-security-bypass(63162)

Source: SUSE
Type: SUSE-SR:2010:023
SUSE Security Summary Report

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*
  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
  • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*
  • Configuration RedHat 11:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*
  • Configuration RedHat 12:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*
  • Configuration RedHat 13:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.3.2:-:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/h:f5:firepass:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
  • OR cpe:/a:f5:firepass:7.0.0:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20103870
    V
    CVE-2010-3870
    2022-05-20
    oval:org.opensuse.security:def:31224
    P
    Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:42077
    P
    Security update for curl (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:31150
    P
    Security update for xorg-x11-server (Important)
    2021-04-14
    oval:org.opensuse.security:def:31748
    P
    Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:31356
    P
    Security update for python (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:35670
    P
    apache2-mod_php5-5.2.14-0.7.24.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25563
    P
    Security update for xrdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:26670
    P
    apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31892
    P
    Security update for expat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25798
    P
    Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25222
    P
    Security update for java-1_8_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:31958
    P
    Security update for gtk2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25900
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31505
    P
    Security update for python27 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25297
    P
    Security update for libX11 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32635
    P
    apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25953
    P
    Security update for gcc48 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25506
    P
    Security update for openexr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31139
    P
    Security update for less (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26635
    P
    quagga on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31853
    P
    Security update for coreutils (Important)
    2020-12-01
    oval:org.opensuse.security:def:25647
    P
    Security update for freetype2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25221
    P
    Security update for sysstat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31914
    P
    Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25851
    P
    Security update for freerdp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31448
    P
    Security update for postgresql-init (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25233
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32596
    P
    postgresql on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25939
    P
    Security update for gstreamer-0_10-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31592
    P
    Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25425
    P
    Security update for bluez (Important)
    2020-12-01
    oval:org.opensuse.security:def:31138
    P
    Security update for lcms
    2020-12-01
    oval:org.opensuse.security:def:25997
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31804
    P
    Security update for ant (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:23479
    P
    ELSA-2011:0195: php security update (Moderate)
    2014-07-21
    oval:org.mitre.oval:def:13005
    P
    USN-1042-1 -- php5 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:12808
    P
    DSA-2195-1 php5 -- several
    2014-06-23
    oval:org.mitre.oval:def:23101
    P
    ELSA-2010:0919: php security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21534
    P
    RHSA-2011:0195: php security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:22022
    P
    RHSA-2010:0919: php security update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20110195
    P
    RHSA-2011:0195: php security update (Moderate)
    2011-02-03
    oval:com.redhat.rhsa:def:20100919
    P
    RHSA-2010:0919: php security update (Moderate)
    2010-11-29
    BACK
    apple mac os x server 10.6
    apple mac os x 10.6
    apple mac os x server 10.6.1
    apple mac os x 10.6.1
    apple mac os x server 10.6.2
    apple mac os x 10.6.2
    apple mac os x 10.6.3
    apple mac os x server 10.6.3
    php php 5.3.2
    apple mac os x server 10.6.4
    apple mac os x 10.6.4
    apple mac os x server 10.6.5
    apple mac os x 10.6.5
    apple mac os x server 10.6.6
    apple mac os x 10.6.6
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 5
    redhat enterprise linux 5
    f5 firepass 6.0
    mandriva linux 2010
    mandriva linux 2010
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6
    f5 firepass 7.0.0