CVE-2010-2191

2010-06-0800:00:00

ubuntu.com

9.7 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

77.6%

JSON

The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the
(5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and
the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3
through 5.3.2 allow context-dependent attackers to obtain sensitive
information (memory contents) or trigger memory corruption by causing a
userspace interruption of an internal function or handler. NOTE: vectors 2
through 4 are related to the call time pass by reference feature.

Notes

Author	Note
mdeslaur	interruption issue, safe_mode - open_basedir bypass, ignoring This is MOPS-2010-049 to MOPS-2010-055

References

www.php-security.org/2010/05/31/mops-2010-049-php-parse_str-interruption-memory-corruption-vulnerability/index.html

www.php-security.org/2010/05/31/mops-2010-050-php-preg_match-interruption-information-leak-vulnerability/index.html

www.php-security.org/2010/05/31/mops-2010-051-php-unpack-interruption-information-leak-vulnerability/index.html

www.php-security.org/2010/05/31/mops-2010-052-php-pack-interruption-information-leak-vulnerability/index.html

www.php-security.org/2010/05/31/mops-2010-053-php-zend_fetch_rw-opcode-interruption-information-leak-vulnerability/index.html

www.php-security.org/2010/05/31/mops-2010-054-php-zend_concatzend_assign_concat-opcode-interruption-information-leak-and-memory-corruption-vulnerability/index.html

www.php-security.org/2010/05/31/mops-2010-055-php-arrayobjectuasort-interruption-memory-corruption-vulnerability/index.html

launchpad.net/bugs/cve/CVE-2010-2191

nvd.nist.gov/vuln/detail/CVE-2010-2191

security-tracker.debian.org/tracker/CVE-2010-2191

www.cve.org/CVERecord?id=CVE-2010-2191