CVE-2010-2100

Name of the Vulnerable Software and Affected Versions PHP versions 5.2 through 5.2.13 PHP versions 5.3 through 5.3.2

Description The issue allows context-dependent attackers to obtain sensitive information, such as memory contents, by causing a userspace interruption of an internal function. This is related to the call time pass by reference feature in certain PHP functions, including htmlentities, htmlspecialchars, str getcsv, http build query, strpbrk, and strtr.

Recommendations For PHP versions 5.2 through 5.2.13, update to a version outside of this range to resolve the issue. For PHP versions 5.3 through 5.3.2, update to a version outside of this range to resolve the issue.