CVE-2010-3062 (retired)

Priority
Description
mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2
allows remote attackers to (1) read sensitive memory via a modified length
value, which is not properly handled by the php_mysqlnd_ok_read function;
or (2) trigger a heap-based buffer overflow via a modified length value,
which is not properly handled by the php_mysqlnd_rset_header_read function.
Notes
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.3.3)
More Information

Updated: 2019-10-09 07:33:03 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)