CVE-2010-4699

PHP < 5.3.4 - Incomplete Output Array via Iconv MIME Header Decoding

Title source: llm

Description

The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set.

References (5)

Core References
- Mailing list (various sources, x_refsource_mlist): http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html
- Third Party Advisory, VDB Entry (OVAL definition, signature, x_refsource_oval): https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12393
- Vendor Advisory (x_refsource_confirm): http://www.php.net/ChangeLog-5.php
- Various Sources (PHP bug tracker, x_refsource_confirm): http://bugs.php.net/52941
- Third Party Advisory, VDB Entry (IBM X-Force, x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/64963

Scores

EPSS 0.0015
EPSS Percentile 35.8%

Details

CWE
CWE-189
Status published
Products (45)
php/php 1.0
php/php 2.0
php/php 2.0b10
php/php 3.0
php/php 3.0.1
php/php 3.0.2
php/php 3.0.3
php/php 3.0.4
php/php 3.0.5
php/php 3.0.6
... and 35 more
Published Jan 18, 2011
Tracked Since Feb 18, 2026