7.5
CVE-2010-2225
- EPSS 5.34%
- Veröffentlicht 24.06.2010 12:30:01
- Zuletzt bearbeitet 16.06.2026 23:20:20
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.34% | 0.916 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://support.apple.com/kb/HT4312
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
http://marc.info/?l=bugtraq&m=133469208622507&w=2
http://secunia.com/advisories/40860
http://www.debian.org/security/2010/dsa-2089
http://pastebin.com/mXGidCsd
http://twitter.com/i0n1c/statuses/16373156076
http://twitter.com/i0n1c/statuses/16447867829
http://www.securityfocus.com/bid/40948
https://bugzilla.redhat.com/show_bug.cgi?id=605641
https://exchange.xforce.ibmcloud.com/vulnerabilities/59610