PublicDateAtUSN: 2011-01-18
Candidate: CVE-2010-4697
PublicDate: 2011-01-18 20:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4697
 https://ubuntu.com/security/notices/USN-1126-1
Description:
 Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and
 5.3.x before 5.3.4 might allow context-dependent attackers to cause a
 denial of service (heap memory corruption) or have unspecified other impact
 via vectors related to use of __set, __get, __isset, and __unset methods on
 objects accessed by a reference.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.php.net/52879
Priority: medium
Discovered-by: Ben Schmidt
Assigned-to: sbeattie
CVSS: 

Patches_php5:
 upstream: http://svn.php.net/viewvc?view=revision&revision=303913
upstream_php5: released (5.3.4)
dapper_php5: released (5.1.2-1ubuntu3.22)
hardy_php5: released (5.2.4-2ubuntu5.15)
karmic_php5: released (5.2.10.dfsg.1-2ubuntu6.9)
lucid_php5: released (5.3.2-1ubuntu4.8)
maverick_php5: released (5.3.3-1ubuntu9.4)
natty_php5: not-affected (5.3.5-1ubuntu1)
devel_php5: not-affected (5.3.5-1ubuntu1)