Candidate: CVE-2010-4700
PublicDate: 2011-01-18 20:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4700
Description:
 The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the
 MySQLi extension is used, does not properly interact with use of the
 mysqli_fetch_assoc function, which might make it easier for
 context-dependent attackers to conduct SQL injection attacks via crafted
 input that had been properly handled in earlier PHP versions.
Ubuntu-Description:
Notes:
 mdeslaur> we use libmysqlclient, not mysqlnd, so not affected.
Bugs:
 http://bugs.php.net/52221
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_php5:
upstream_php5: released (5.3.4)
dapper_php5: not-affected
hardy_php5: not-affected
karmic_php5: not-affected
lucid_php5: not-affected
maverick_php5: not-affected
devel_php5: not-affected (5.3.5-1ubuntu1)