CVE-2010-1915

Name of the Vulnerable Software and Affected Versions PHP versions 5.2 through 5.2.13 PHP versions 5.3 through 5.3.2

Description The issue allows context-dependent attackers to obtain sensitive information, such as memory contents, by causing a userspace interruption of an internal function. This is related to the call time pass by reference feature, modification of ZVALs whose values are not updated in the associated local variables, and access of previously-freed memory.

Recommendations For PHP versions 5.2 through 5.2.13, update to a version later than 5.2.13 to resolve the issue. For PHP versions 5.3 through 5.3.2, update to a version later than 5.3.2 to resolve the issue.