Candidate: CVE-2010-3062
PublicDate: 2010-08-20 20:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3062
Description:
 mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2
 allows remote attackers to (1) read sensitive memory via a modified length
 value, which is not properly handled by the php_mysqlnd_ok_read function;
 or (2) trigger a heap-based buffer overflow via a modified length value,
 which is not properly handled by the php_mysqlnd_rset_header_read function.
Ubuntu-Description:
Notes:
Bugs:
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_php5:
upstream_php5: released (5.3.3)
dapper_php5: not-affected (code not built)
hardy_php5: not-affected (code not built)
jaunty_php5: not-affected (code not built)
karmic_php5: not-affected (code not built)
lucid_php5: not-affected (code not built)
devel_php5: not-affected