CVE-2010-3065

Published: 20 Aug 2010
Source: ubuntu
Priority: medium
EPSS: Low
CVSS2: 5

Description

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name.

| Release | Status | Note |
|---|---|---|
| dapper | released | 5.1.2-1ubuntu3.19 |
| devel | not-affected | 5.3.3-1ubuntu6 |
| hardy | released | 5.2.4-2ubuntu5.12 |
| jaunty | released | 5.2.6.dfsg.1-3ubuntu4.6 |
| karmic | released | 5.2.10.dfsg.1-2ubuntu6.5 |
| lucid | released | 5.3.2-1ubuntu4.5 |
| upstream | released | 5.3.3, 5.2.14 |

EPSS

Percentile: 63%
0.00455
Low

CVSS2

5 Medium

Related vulnerabilities

redhat
about 15 years ago

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name.

nvd
almost 15 years ago

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name.

debian
almost 15 years ago

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 throu ...

github
about 3 years ago

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name.

oracle-oval
more than 14 years ago

ELSA-2010-0919: php security update (MODERATE)
