Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2010-1128

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-26 Mar, 2010 | 20:00
Updated At-07 Aug, 2024 | 01:14
Rejected At-
Credits

The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:26 Mar, 2010 | 20:00
Updated At:07 Aug, 2024 | 01:14
Rejected At:
▼CVE Numbering Authority (CNA)

The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2010/0479
vdb-entry
x_refsource_VUPEN
http://www.php.net/releases/5_2_13.php
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2010-0919.html
vendor-advisory
x_refsource_REDHAT
http://www.php.net/ChangeLog-5.php
x_refsource_CONFIRM
http://secunia.com/advisories/38708
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/38430
vdb-entry
x_refsource_BID
http://secunia.com/advisories/42410
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/3081
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2010/0479
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.php.net/releases/5_2_13.php
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0919.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.php.net/ChangeLog-5.php
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/38708
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/38430
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/42410
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2010/3081
Resource:
vdb-entry
x_refsource_VUPEN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2010/0479
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.php.net/releases/5_2_13.php
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0919.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.php.net/ChangeLog-5.php
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/38708
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/38430
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/42410
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2010/3081
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/0479
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.php.net/releases/5_2_13.php
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0919.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.php.net/ChangeLog-5.php
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/38708
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/38430
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/42410
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/3081
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:26 Mar, 2010 | 20:30
Updated At:11 Apr, 2025 | 00:51

The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.4MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
Type: Primary
Version: 2.0
Base score: 6.4
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:N
CPE Matches
The PHP Group
php
>>php>>Versions up to 5.2.12(inclusive)
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.0
cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.1
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.2
cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.3
cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.4
cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.5
cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.6
cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.7
cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.8
cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.9
cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.10
cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.11
cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-310Primarynvd@nist.gov
CWE ID: CWE-310
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2010-04-14T00:00:00

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=577582 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/

References
HyperlinkSourceResource
http://secunia.com/advisories/38708cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/42410cve@mitre.org
N/A
http://www.php.net/ChangeLog-5.phpcve@mitre.org
N/A
http://www.php.net/releases/5_2_13.phpcve@mitre.org
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0919.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/38430cve@mitre.org
Exploit
http://www.vupen.com/english/advisories/2010/0479cve@mitre.org
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3081cve@mitre.org
N/A
http://secunia.com/advisories/38708af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/42410af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.php.net/ChangeLog-5.phpaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.php.net/releases/5_2_13.phpaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0919.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/38430af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.vupen.com/english/advisories/2010/0479af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3081af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://secunia.com/advisories/38708
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/42410
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.php.net/ChangeLog-5.php
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.php.net/releases/5_2_13.php
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0919.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/38430
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.vupen.com/english/advisories/2010/0479
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/3081
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/38708
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/42410
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.php.net/ChangeLog-5.php
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.php.net/releases/5_2_13.php
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0919.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/38430
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.vupen.com/english/advisories/2010/0479
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/3081
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

9Records found
CVE-2001-1247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.4||MEDIUM
EPSS-0.65% / 69.93%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
CVE-2010-1861
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.4||MEDIUM
EPSS-0.25% / 48.05%
||
7 Day CHG~0.00%
Published-07 May, 2010 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, which triggers access of a freed resource.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
CVE-2010-2191
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.4||MEDIUM
EPSS-0.83% / 73.55%
||
7 Day CHG~0.00%
Published-07 Jun, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. NOTE: vectors 2 through 4 are related to the call time pass by reference feature.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3167
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.4||HIGH
EPSS-0.29% / 51.58%
||
7 Day CHG~0.00%
Published-12 Apr, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Open redirect vulnerability in the drupal_goto function in Drupal 6.x before 6.38, when used with PHP before 5.4.7, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a double-encoded URL in the "destination" parameter.

Action-Not Available
Vendor-n/aThe Drupal AssociationThe PHP GroupDebian GNU/Linux
Product-debian_linuxdrupalphpn/a
CVE-2015-3411
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 40.36%
||
7 Day CHG~0.00%
Published-16 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.

Action-Not Available
Vendor-n/aRed Hat, Inc.The PHP Group
Product-enterprise_linuxenterprise_linux_serverenterprise_linux_hpc_nodeenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_workstationphpenterprise_linux_hpc_node_eusn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5898
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.4||MEDIUM
EPSS-3.13% / 86.33%
||
7 Day CHG~0.00%
Published-20 Nov, 2007 | 18:00
Updated-07 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
CVE-2020-7069
Matching Score-8
Assigner-PHP Group
ShareView Details
Matching Score-8
Assigner-PHP Group
CVSS Score-5.4||MEDIUM
EPSS-7.08% / 91.14%
||
7 Day CHG~0.00%
Published-02 Oct, 2020 | 14:14
Updated-17 Sep, 2024 | 04:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.

Action-Not Available
Vendor-Tenable, Inc.Oracle CorporationopenSUSEFedora ProjectNetApp, Inc.Canonical Ltd.Debian GNU/LinuxThe PHP Group
Product-communications_diameter_signaling_routerubuntu_linuxphpclustered_data_ontapdebian_linuxfedoratenable.scleapPHP
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-326
Inadequate Encryption Strength
CVE-2006-1015
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.4||MEDIUM
EPSS-3.87% / 87.76%
||
7 Day CHG~0.00%
Published-07 Mar, 2006 | 00:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote attackers to read and create arbitrary files via the sendmail -C and -X arguments. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
CVE-2012-0057
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.4||MEDIUM
EPSS-1.14% / 77.51%
||
7 Day CHG~0.00%
Published-02 Feb, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
Details not found