mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 up to and including 5.3.2 allows remote malicious users to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a heap-based buffer overflow via a modified length value, which is not properly handled by the php_mysqlnd_rset_header_read function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php 5.3.0 |
||
php php 5.3.1 |
||
php php 5.3.2 |