Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-2225
HistoryJun 24, 2010 - 12:00 a.m.

CVE-2010-2225

2010-06-2400:00:00
ubuntu.com
ubuntu.com
12

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.045 Low

EPSS

Percentile

92.3%

JSON

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP
5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary
code or obtain sensitive information via serialized data, related to the
PHP unserialize function.

Bugs

Notes

Author Note
mdeslaur SplObjectStorage doesn’t have an unserializer in php 5.1.x
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchphp5< 5.2.4-2ubuntu5.12UNKNOWN
ubuntu9.04noarchphp5< 5.2.6.dfsg.1-3ubuntu4.6UNKNOWN
ubuntu9.10noarchphp5< 5.2.10.dfsg.1-2ubuntu6.5UNKNOWN
ubuntu10.04noarchphp5< 5.3.2-1ubuntu4.5UNKNOWN

Related

prion 1
cve 1
f5 2
openvas 28
slackware 1
nessus 16
debian 1
osv 1
securityvulns 3
fedora 6
ubuntu 1
gentoo 1
prion
prion
Design/Logic Flaw
2010-06-24 12:30:00
cve
cve
CVE-2010-2225
2010-06-24 12:30:00
f5
f5
SOL12253 - PHP vulnerability CVE-2010-2225
2010-11-03 00:00:00
K12253 : PHP vulnerability CVE-2010-2225
2013-07-03 00:00:00
openvas
openvas
PHP 'SplObjectStorage' Unserializer Arbitrary Code Execution Vulnerability
2010-06-21 00:00:00
Slackware: Security Advisory (SSA:2010-240-04)
2012-09-10 00:00:00
Slackware Advisory SSA:2010-240-04 php
2012-09-11 00:00:00
slackware
slackware
[slackware-security] php
2010-08-28 16:53:00
nessus
nessus
Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : php (SSA:2010-240-04)
2010-08-29 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2010:140)
2010-07-30 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2010:139)
2010-07-30 00:00:00
debian
debian
[SECURITY] [DSA-2089-1] New php5 packages fix several vulnerabilities
2010-08-06 05:42:32
osv
osv
php5 - several vulnerabilities
2010-08-06 00:00:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2010-09-27 00:00:00
[USN-989-1] PHP vulnerabilities
2010-09-27 00:00:00
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities
2011-10-12 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: php-eaccelerator-0.9.6.1-2.fc12
2010-08-23 22:08:06
[SECURITY] Fedora 13 Update: php-5.3.3-1.fc13
2010-08-23 22:00:56
[SECURITY] Fedora 12 Update: php-5.3.3-1.fc12
2010-08-23 22:08:06
ubuntu
ubuntu
PHP vulnerabilities
2010-09-20 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.045 Low

EPSS

Percentile

92.3%

JSON
Related for UB:CVE-2010-2225
prion1cve1f52openvas28slackware1nessus16debian1osv1securityvulns3fedora6ubuntu1gentoo1