CVE-2010-1860

Name of the Vulnerable Software and Affected Versions PHP versions 5.2 through 5.2.13 PHP versions 5.3 through 5.3.2

Description The issue allows context-dependent attackers to obtain sensitive information, such as memory contents, or trigger memory corruption. This is related to the html entity decode function and the call time pass by reference feature, which can be exploited by causing a userspace interruption of an internal call.

Recommendations For PHP versions 5.2 through 5.2.13, update to a version outside of this range to resolve the issue. For PHP versions 5.3 through 5.3.2, update to a version outside of this range to resolve the issue.