PT-2010-4084 · Php+1 · Php+1
Published
2010-08-20
·
Updated
2023-01-19
·
CVE-2010-2531
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PHP versions 5.2.0 through 5.2.13
PHP versions 5.3.0 through 5.3.2
Description
The issue allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion, due to the var export function flushing the output buffer to the user when certain fatal errors occur, even if display errors is off.
Recommendations
For PHP versions 5.2.0 through 5.2.13, update to version 5.2.14 or later.
For PHP versions 5.3.0 through 5.3.2, update to version 5.3.3 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Php
Red Hat