PT-2010-4519 · Php · Php
Published
2010-08-20
·
Updated
2010-12-07
·
CVE-2010-3062
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PHP versions 5.3 through 5.3.2
Description
The issue allows remote attackers to read sensitive memory or trigger a heap-based buffer overflow via a modified length value. This is due to improper handling by the
php mysqlnd ok read function and the php mysqlnd rset header read function.Recommendations
For PHP versions 5.3 through 5.3.2, update to a version that contains a fix for this issue to prevent remote attackers from reading sensitive memory or triggering a heap-based buffer overflow.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Php