Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-1914

Опубликовано: 08 мая 2010
Источник: redhat
CVSS2: 2.1
EPSS Низкий

Описание

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_function), or (3) ZEND_SR opcode (shift_right_function), related to the convert_to_long_base function.

Отчет

Red Hat does not consider interruption issues allowing safe_mode / open_basedir restriction bypass to be security sensitive. For more details see https://bugzilla.redhat.com/show_bug.cgi?id=169857#c1 and http://www.php.net/security-note.php

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4phpNot affected
Red Hat Enterprise Linux 5phpNot affected
Red Hat Enterprise Linux 6phpNot affected

Показывать по

Ссылки на источники

Дополнительная информация

https://bugzilla.redhat.com/show_bug.cgi?id=617180php: bitwise operators interruption vulnerabilities (MOPS-2010-014, MOPS-2010-015, MOPS-2010-016)

EPSS

Процентиль: 68%
0.0056
Низкий

2.1 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-1914

ubuntu
почти 16 лет назад

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_function), or (3) ZEND_SR opcode (shift_right_function), related to the convert_to_long_base function.

nvd логотип

CVE-2010-1914

nvd
почти 16 лет назад

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_function), or (3) ZEND_SR opcode (shift_right_function), related to the convert_to_long_base function.

debian логотип

CVE-2010-1914

debian
почти 16 лет назад

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows ...

github логотип

GHSA-wjwg-g3q4-3f25

github
почти 4 года назад

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_function), or (3) ZEND_SR opcode (shift_right_function), related to the convert_to_long_base function.

EPSS

Процентиль: 68%
0.0056
Низкий

2.1 Low

CVSS2