製品・ソフトウェアに関する情報

JVN脆弱性詳細

PHP の utf8_decode 関数におけるクロスサイトスクリプティングおよび SQL インジェクションに対する保護メカニズムを回避される脆弱性

タイトル	PHP の utf8_decode 関数におけるクロスサイトスクリプティングおよび SQL インジェクションに対する保護メカニズムを回避される脆弱性
概要	PHP の utf8_decode 関数は、過度に長い形式の UTF-8 エンコーディングおよび UTF-8 データ内にある ill-formed サブシーケンスを適切に処理しないため、クロスサイトスクリプティングおよび SQL インジェクションに対する保護メカニズムを回避される脆弱性が存在します。
想定される影響	第三者により、巧妙に細工された文字列を介して、クロスサイトスクリプティングおよび SQL インジェクションに対する保護メカニズムを回避される可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2009年9月27日0:00
登録日	2010年12月22日14:03
最終更新日	2011年4月4日14:29

CVSS2.0 : 警告
スコア	6.8
ベクター	AV:N/AC:M/Au:N/C:P/I:P/A:P

影響を受けるシステム

レッドハット

Red Hat Enterprise Linux 4 (as)

Red Hat Enterprise Linux 4 (es)

Red Hat Enterprise Linux 4 (ws)

Red Hat Enterprise Linux 4.8 (as)

Red Hat Enterprise Linux 4.8 (es)

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 4.0

Red Hat Enterprise Linux Desktop 6

Red Hat Enterprise Linux HPC Node 6

Red Hat Enterprise Linux Server 6

Red Hat Enterprise Linux Workstation 6

RHEL Desktop Workstation 5 (client)

The PHP Group

PHP 5.3.4 未満

サイバートラスト株式会社

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

Asianux Server 3.0

Asianux Server 3.0 (x86-64)

アップル

Apple Mac OS X v10.6 から v10.6.6

Apple Mac OS X Server v10.6 から v10.6.6

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-3870	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3870
National Vulnerability Database (NVD)
2	CVE-2010-3870	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3870

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html

ベンダー情報

No	名前	URL
Apple Security Updates
1	HT4581	http://support.apple.com/kb/HT4581
Apple セキュリティアップデート
2	HT4581	http://support.apple.com/kb/HT4581?viewlocale=ja_JP
Asianux Technical Support Network
3	php-5.1.6-27.3.0.1.AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1318
MIRACLE LINUX アップデート情報
4	2161	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2161
Month of PHP Bugs
5	49687	http://bugs.php.net/bug.php?id=49687
PHP
6	304959	http://svn.php.net/viewvc/?view=revision&revision=304959
7	305055	http://svn.php.net/viewvc?view=revision&revision=305055
Red Hat Security Advisory
8	RHSA-2010:0919	https://rhn.redhat.com/errata/RHSA-2010-0919.html
9	RHSA-2011:0195	https://rhn.redhat.com/errata/RHSA-2011-0195.html

その他

No	名前	URL
JVN
1	JVNVU#636925	http://jvn.jp/cert/JVNVU636925
Secunia Advisory
2	SA42410	http://secunia.com/advisories/42410
SecurityFocus
3	44605	http://www.securityfocus.com/bid/44605
SecurityTracker
4	1024797	http://www.securitytracker.com/id?1024797
VUPEN Security
5	VUPEN/ADV-2010-3081	http://www.vupen.com/english/advisories/2010/3081

変更履歴

No	変更内容	変更日
0	[2010年12月22日] 掲載 [2011年02月18日] 影響を受けるシステム：レッドハット (RHSA-2011:0195) の情報を追加ベンダ情報：レッドハット (RHSA-2011:0195) を追加 [2011年04月04日] 影響を受けるシステム：アップル (HT4581) の情報を追加ベンダ情報：アップル (HT4581) を追加	2018年2月17日10:37

NVD脆弱性情報

CVE-2010-3870

概要	The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string.
公表日	2010年11月13日6:00
登録日	2021年1月29日11:07
最終更新日	2024年11月21日10:19

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:php:php::::::::				5.2.14
cpe:2.3:a:php:php::::::::	5.3.0			5.3.4

構成2	以上	以下	より上	未満
cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::
cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*

関連情報、対策とツール

No	URL	タグ
1	http://bugs.php.net/bug.php?id=48230	Exploit Vendor Advisory
2	http://bugs.php.net/bug.php?id=48230	Exploit Vendor Advisory
3	http://bugs.php.net/bug.php?id=49687	Exploit Vendor Advisory
4	http://bugs.php.net/bug.php?id=49687	Exploit Vendor Advisory
5	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html	Mailing List Third Party Advisory
6	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html	Mailing List Third Party Advisory
7	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html	Mailing List Third Party Advisory
8	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html	Mailing List Third Party Advisory
9	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html	Mailing List Third Party Advisory
10	http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html	Mailing List Third Party Advisory
11	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html	Mailing List Third Party Advisory
12	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html	Mailing List Third Party Advisory
13	http://marc.info/?l=bugtraq&m=133469208622507&w=2	Mailing List Third Party Advisory
14	http://marc.info/?l=bugtraq&m=133469208622507&w=2	Mailing List Third Party Advisory
15	http://marc.info/?l=bugtraq&m=133469208622507&w=2	Mailing List Third Party Advisory
16	http://marc.info/?l=bugtraq&m=133469208622507&w=2	Mailing List Third Party Advisory
17	http://secunia.com/advisories/42410	Third Party Advisory
18	http://secunia.com/advisories/42410	Third Party Advisory
19	http://secunia.com/advisories/42812	Third Party Advisory
20	http://secunia.com/advisories/42812	Third Party Advisory
21	http://sirdarckcat.blogspot.com/2009/10/couple-of-unicode-issues-on-php-and.html	Exploit Third Party Advisory
22	http://sirdarckcat.blogspot.com/2009/10/couple-of-unicode-issues-on-php-and.html	Exploit Third Party Advisory
23	http://support.apple.com/kb/HT4581	Third Party Advisory
24	http://support.apple.com/kb/HT4581	Third Party Advisory
25	http://svn.php.net/viewvc?view=revision&revision=304959	Patch Vendor Advisory
26	http://svn.php.net/viewvc?view=revision&revision=304959	Patch Vendor Advisory
27	http://us2.php.net/manual/en/function.utf8-decode.php#83935	Exploit Vendor Advisory
28	http://us2.php.net/manual/en/function.utf8-decode.php#83935	Exploit Vendor Advisory
29	http://www.acunetix.com/blog/web-security-articles/security-risks-associated-with-utf8_decode/	Exploit Third Party Advisory
30	http://www.acunetix.com/blog/web-security-articles/security-risks-associated-with-utf8_decode/	Exploit Third Party Advisory
31	http://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf	Exploit Third Party Advisory
32	http://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf	Exploit Third Party Advisory
33	http://www.mandriva.com/en/security/advisories?name=MDVSA-2010:224	Third Party Advisory
34	http://www.mandriva.com/en/security/advisories?name=MDVSA-2010:224	Third Party Advisory
35	http://www.openwall.com/lists/oss-security/2010/11/02/1	Mailing List Third Party Advisory
36	http://www.openwall.com/lists/oss-security/2010/11/02/1	Mailing List Third Party Advisory
37	http://www.openwall.com/lists/oss-security/2010/11/02/11	Mailing List Third Party Advisory
38	http://www.openwall.com/lists/oss-security/2010/11/02/11	Mailing List Third Party Advisory
39	http://www.openwall.com/lists/oss-security/2010/11/02/2	Mailing List Third Party Advisory
40	http://www.openwall.com/lists/oss-security/2010/11/02/2	Mailing List Third Party Advisory
41	http://www.openwall.com/lists/oss-security/2010/11/02/4	Mailing List Third Party Advisory
42	http://www.openwall.com/lists/oss-security/2010/11/02/4	Mailing List Third Party Advisory
43	http://www.openwall.com/lists/oss-security/2010/11/02/6	Mailing List Third Party Advisory
44	http://www.openwall.com/lists/oss-security/2010/11/02/6	Mailing List Third Party Advisory
45	http://www.openwall.com/lists/oss-security/2010/11/02/8	Mailing List Third Party Advisory
46	http://www.openwall.com/lists/oss-security/2010/11/02/8	Mailing List Third Party Advisory
47	http://www.openwall.com/lists/oss-security/2010/11/03/1	Mailing List Third Party Advisory
48	http://www.openwall.com/lists/oss-security/2010/11/03/1	Mailing List Third Party Advisory
49	http://www.php.net/ChangeLog-5.php	Vendor Advisory
50	http://www.php.net/ChangeLog-5.php	Vendor Advisory
51	http://www.redhat.com/support/errata/RHSA-2010-0919.html	Third Party Advisory
52	http://www.redhat.com/support/errata/RHSA-2010-0919.html	Third Party Advisory
53	http://www.redhat.com/support/errata/RHSA-2011-0195.html	Third Party Advisory
54	http://www.redhat.com/support/errata/RHSA-2011-0195.html	Third Party Advisory
55	http://www.securityfocus.com/bid/44605	Third Party Advisory VDB Entry
56	http://www.securityfocus.com/bid/44605	Third Party Advisory VDB Entry
57	http://www.securitytracker.com/id?1024797	Third Party Advisory VDB Entry
58	http://www.securitytracker.com/id?1024797	Third Party Advisory VDB Entry
59	http://www.ubuntu.com/usn/USN-1042-1	Third Party Advisory
60	http://www.ubuntu.com/usn/USN-1042-1	Third Party Advisory
61	http://www.vupen.com/english/advisories/2010/3081	Third Party Advisory
62	http://www.vupen.com/english/advisories/2010/3081	Third Party Advisory
63	http://www.vupen.com/english/advisories/2011/0020	Third Party Advisory
64	http://www.vupen.com/english/advisories/2011/0020	Third Party Advisory
65	http://www.vupen.com/english/advisories/2011/0021	Third Party Advisory
66	http://www.vupen.com/english/advisories/2011/0021	Third Party Advisory
67	http://www.vupen.com/english/advisories/2011/0077	Third Party Advisory
68	http://www.vupen.com/english/advisories/2011/0077	Third Party Advisory

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-20	不適切な入力確認	https://cwe.mitre.org/data/definitions/20.html