Red Hat Customer Portal

Skip to main content

CVE-2010-2225

Public Date:
2010-06-18
Bugzilla:
605641: CVE-2010-2225 php: SplObjectStorage unserialization flaws (MOPS-2010-061)

The MITRE CVE dictionary describes this issue as:

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.

Find out more about CVE-2010-2225 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Not vulnerable. This issue did not affect the versions of php as shipped with Red Hat Enterprise Linux 3, 4, or 5.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 php Not affected
Red Hat Application Stack v2 for Enterprise Linux (v.5) php Affected