Описание
The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x up to 5.2.1, makes erroneous calls to zval_dtor, which triggers memory corruption and allows local users to bypass safe_mode and execute arbitrary code via a certain unset operation after array_user_key_compare has been called.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 5.1.2-1ubuntu3.9 |
| devel | not-affected | |
| edgy | released | 5.1.6-1ubuntu2.6 |
| feisty | released | 5.2.1-0ubuntu1.4 |
| upstream | released | 5.2.2 |
Показывать по
EPSS
4.6 Medium
CVSS2
Связанные уязвимости
The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x up to 5.2.1, makes erroneous calls to zval_dtor, which triggers memory corruption and allows local users to bypass safe_mode and execute arbitrary code via a certain unset operation after array_user_key_compare has been called.
The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x ...
The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x up to 5.2.1, makes erroneous calls to zval_dtor, which triggers memory corruption and allows local users to bypass safe_mode and execute arbitrary code via a certain unset operation after array_user_key_compare has been called.
EPSS
4.6 Medium
CVSS2