Computer Security
[EN] securityvulns.ru no-pyccku


libmbfl / {H{ information leak
Published:10.11.2010
Source:
SecurityVulns ID:11251
Type:library
Threat Level:
5/10
Description:under some conditions portion of uninitialized memory is returned.
Affected:PHP : PHP 5.3
 LIBMBFL : Libmbfl 1.1
CVE:CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter).)
Original documentdocumentMANDRIVA, [ MDVSA-2010:225-1 ] libmbfl (10.11.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod