Lucene search
HistoryMay 07, 2010 - 11:00 p.m.
CVE-2010-1864
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
9.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.4%
The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.
Affected configurations
Node
phpphpMatch5.2.0
ORphpphpMatch5.2.1
ORphpphpMatch5.2.2
ORphpphpMatch5.2.3
ORphpphpMatch5.2.4
ORphpphpMatch5.2.5
ORphpphpMatch5.2.6
ORphpphpMatch5.2.8
ORphpphpMatch5.2.9
ORphpphpMatch5.2.10
ORphpphpMatch5.2.11
ORphpphpMatch5.2.12
ORphpphpMatch5.2.13
Node
phpphpMatch5.3.0
ORphpphpMatch5.3.1
ORphpphpMatch5.3.2
Related
prion
prion
Design/Logic Flaw
2010-05-07 23:00:00
cvelist
cvelist
CVE-2010-1864
2010-05-07 22:00:00
cve
cve
CVE-2010-1864
2010-05-07 23:00:01
ubuntucve
ubuntucve
securityvulns
securityvulns
PHP multiple security vulnerabilities
2010-05-11 00:00:00
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities
2011-10-12 00:00:00
openvas
openvas
PHP < 5.2.14 Multiple Vulnerabilities
2020-08-17 00:00:00
PHP < 5.2.14 Multiple Vulnerabilities
2012-06-21 00:00:00
PHP < 5.3.3 Multiple Vulnerabilities
2020-08-17 00:00:00
nessus
nessus
PHP 5.2 < 5.2.14 Multiple Vulnerabilities
2010-08-04 00:00:00
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0678-1)
2010-10-06 00:00:00
PHP 5.3 < 5.3.3 Multiple Vulnerabilities
2010-08-04 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
9.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.4%
Related for NVD:CVE-2010-1864