6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.014 Low
EPSS
Percentile
86.3%
Format string vulnerability in stream.c in the phar extension in PHP 5.3.x
through 5.3.3 allows context-dependent attackers to obtain sensitive
information (memory contents) and possibly execute arbitrary code via a
crafted phar:// URI that is not properly handled by the phar_stream_flush
function, leading to errors in the php_stream_wrapper_log_error function.
NOTE: this vulnerability exists because of an incomplete fix for
CVE-2010-2094.
Author | Note |
---|---|
mdeslaur | See second patch in CVE-2010-2094 This is MOPS-2010-024 5.3 only, not fixed in 5.3.3 |
php-security.org/2010/05/14/mops-2010-024-php-phar_stream_flush-format-string-vulnerability/index.html
launchpad.net/bugs/cve/CVE-2010-2950
nvd.nist.gov/vuln/detail/CVE-2010-2950
security-tracker.debian.org/tracker/CVE-2010-2950
ubuntu.com/security/notices/USN-989-1
www.cve.org/CVERecord?id=CVE-2010-2950