QwikSec

Security Database

CVE

CWE

Training

CVE-2010-1915

Published: May 12, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature, modification of ZVALs whose values are not updated in the associated local variables, and access of previously-freed memory.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

php-pregquote-information-disclosure(58586)

vdb-entry

x_refsource_XF

SUSE-SR:2010:017

vendor-advisory

x_refsource_SUSE

http://www.php-security.org/2010/05/09/mops-2010-017-php-preg_quote-interruption-information-leak-vulnerability/index.html

x_refsource_MISC

SUSE-SR:2010:018

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.