CVE-2010-1868

Impact:
Low
Public Date:
2010-05-07
Bugzilla:
617134: CVE-2010-1868 php: sqlite: use of uninitialized memory triggered by empty SQL query (MOPS-2010-012, MOPS-2010-013)

The MITRE CVE dictionary describes this issue as:

The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory.

Find out more about CVE-2010-1868 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Not vulnerable. This issue did not affect the versions of php as shipped with Red Hat Enterprise Linux 3, 4, or 5, as well as the versions of php53 as shipped with Red Hat Enterprise Linux 5.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 php Not affected
Red Hat Enterprise Linux 5 php Not affected
Red Hat Enterprise Linux 5 php53 Not affected
Red Hat Enterprise Linux 4 php Not affected
Red Hat Enterprise Linux 3 php Not affected

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.