The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2010-08-20T19:00:00
Updated: 2024-08-07T02:55:46.616Z
Reserved: 2010-08-20T00:00:00
Link: CVE-2010-3063
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-08-20T20:00:03.047
Modified: 2010-12-07T06:50:28.983
Link: CVE-2010-3063
Redhat