libmbfl / {H{ information leak
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
libmbfl / {H{ information leak
Published:
10.11.2010
Source:
BUGTRAQ
SecurityVulns ID:
11251
Type:
library
Level:
5
/10
Description:
under some conditions portion of uninitialized memory is returned.
Affected:
PHP
:
PHP 5.3
LIBMBFL
:
Libmbfl 1.1
CVE:
CVE-2010-4156
(The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter).)
Original document
MANDRIVA
,
[ MDVSA-2010:225-1 ] libmbfl
(
10.11.2010
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
