Lucene search
Ubuntu.comUB:CVE-2010-4700HistoryJan 18, 2011 - 12:00 a.m.
CVE-2010-4700
2011-01-1800:00:00
ubuntu.com
ubuntu.com
17
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
54.8%
The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the
MySQLi extension is used, does not properly interact with use of the
mysqli_fetch_assoc function, which might make it easier for
context-dependent attackers to conduct SQL injection attacks via crafted
input that had been properly handled in earlier PHP versions.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | we use libmysqlclient, not mysqlnd, so not affected. |
Related
prion
prion
Sql injection
2011-01-18 20:00:00
nvd
nvd
CVE-2010-4700
2011-01-18 20:00:10
cve
cve
CVE-2010-4700
2011-01-18 20:00:10
openvas
openvas
PHP 'set_magic_quotes_runtime()' SQL Injection Vulnerability
2011-02-01 00:00:00
PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
2011-01-31 00:00:00
PHP < 5.3.4 Multiple Vulnerabilities
2020-08-17 00:00:00
cvelist
cvelist
CVE-2010-4700
2011-01-18 19:00:00
nessus
nessus
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
2014-06-13 00:00:00
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
2011-05-05 00:00:00
PHP 5.3.x < 5.3.4 Multiple Vulnerabilities
2010-12-10 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00
securityvulns
securityvulns
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities
2011-10-12 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
54.8%
Related for UB:CVE-2010-4700