Vulnetix
Try Vulnetix Request Demo
CVE-2010-3062 PUBLISHED CVSS 5 MEDIUM

mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a heap-based buffer overflow via a modified length value, which is not properly handled by the php_mysqlnd_rset_header_read function.

EPSS 0.84% · 74.6th percentile

Risk Scores

CVSS v2.0
5
EPSS Score
0.84%
74.6th percentile

Affected Products

VendorProductVersions
n/an/an/a
phpphp5.3.0, 5.3.1, 5.3.2

Timeline

References

Open in Interactive Console →