CVE-2010-2191
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
7Exploited in Wild
-Decision
Descriptions
The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. NOTE: vectors 2 through 4 are related to the call time pass by reference feature.
Las funciones (1) parse_str, (2) preg_match (3), unpack, y (4) pack; los opcodes (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, y (7) ZEND_ASSIGN_CONCAT, y el metodo (8) ArrayObject::uasort de PHP v5.2 a v5.2.13 y v5.3 a v5.3.2 permiten obtener a atacantes información sensible variable en función del contexto (el contenido de la memoria) u ocasionar una corrupción de memoria al causar una interrupción del espacio de usuario de un controlador o una función interna. NOTA: los vectores del 2 al 4 están relacionados con el paso del tiempo de llamada por referencia.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-06-07 CVE Reserved
- 2010-06-07 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/59221 | Vdb Entry |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.0 Search vendor "Php" for product "Php" and version "5.2.0" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.1 Search vendor "Php" for product "Php" and version "5.2.1" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.2 Search vendor "Php" for product "Php" and version "5.2.2" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.3 Search vendor "Php" for product "Php" and version "5.2.3" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.4 Search vendor "Php" for product "Php" and version "5.2.4" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.5 Search vendor "Php" for product "Php" and version "5.2.5" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.6 Search vendor "Php" for product "Php" and version "5.2.6" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.7 Search vendor "Php" for product "Php" and version "5.2.7" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.8 Search vendor "Php" for product "Php" and version "5.2.8" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.9 Search vendor "Php" for product "Php" and version "5.2.9" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.10 Search vendor "Php" for product "Php" and version "5.2.10" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.11 Search vendor "Php" for product "Php" and version "5.2.11" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.12 Search vendor "Php" for product "Php" and version "5.2.12" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.2.13 Search vendor "Php" for product "Php" and version "5.2.13" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.3.0 Search vendor "Php" for product "Php" and version "5.3.0" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.3.1 Search vendor "Php" for product "Php" and version "5.3.1" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.3.2 Search vendor "Php" for product "Php" and version "5.3.2" | - |
Affected
| ||||||