CVE-2010-2484

Publication date 20 August 2010

Last updated 24 July 2024

The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
php5	11.10 oneiric	Not affected
	11.04 natty	Not affected
	10.10 maverick	Not affected
	10.04 LTS lucid	Not affected
	9.10 karmic	Ignored
	9.04 jaunty	Ignored
	8.04 LTS hardy	Fixed 5.2.4-2ubuntu5.18
	6.06 LTS dapper	Ignored

Notes

kees

5.3.3, and 5.2.14

mdeslaur

looks like it's 5.2 only interruption issue, safe_mode - open_basedir bypass, ignoring

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
php5	Upstream: http://svn.php.net/viewvc?view=revision&revision=300916

CVE-2010-2484

Status

Notes

kees

mdeslaur

Patch details

References

Related Ubuntu Security Notices (USN)

Other references