CVE-2010-1864

Table of Contents

Public Date:
2010-05-03
Bugzilla:
617578: CVE-2010-1864 php: addcslashes interruption vulnerability (MOPS-2010-006)

The MITRE CVE dictionary describes this issue as:

The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.

Find out more about CVE-2010-1864 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat does not consider interruption issues allowing safe_mode / open_basedir restriction bypass to be security sensitive. For more details see https://bugzilla.redhat.com/show_bug.cgi?id=169857#c1 and http://www.php.net/security-note.php

Last Modified

CVE description copyright © 2017, The MITRE Corporation