PT-2010-3537 · Php · Php
Published
2010-05-12
·
Updated
2017-08-17
·
CVE-2010-1914
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PHP versions 5.2 through 5.2.13
PHP versions 5.3 through 5.3.2
Description
The issue allows context-dependent attackers to obtain sensitive information by interrupting the handler for certain opcodes, specifically the
ZEND BW XOR opcode, ZEND SL opcode, or ZEND SR opcode, related to the convert to long base function.Recommendations
For PHP versions 5.2 through 5.2.13, update to a version later than 5.2.13 to resolve the issue.
For PHP versions 5.3 through 5.3.2, update to a version later than 5.3.2 to resolve the issue.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Php