CVE-2010-4697

Published: 18 January 2011

Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference.

Priority

Status

Package	Release	Status
php5 Launchpad, Ubuntu, Debian	Upstream	Released (5.3.4)






	Patches: Upstream: http://svn.php.net/viewvc?view=revision&revision=303913

References

Bugs

http://bugs.php.net/52879

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading