CVE-2010-3063
Publication date 20 August 2010
Last updated 24 July 2024
Ubuntu priority
The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
Status
Package | Ubuntu Release | Status |
---|---|---|
php5 | 10.04 LTS lucid |
Not affected
|
9.10 karmic |
Not affected
|
|
9.04 jaunty |
Not affected
|
|
8.04 LTS hardy |
Not affected
|
|
6.06 LTS dapper |
Not affected
|