Security Advisory

CVE-2010-4156

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-11-10 01:00:00

Last updated 2024-08-07 03:34:37

Assigner redhat

State PUBLISHED

Description

The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter).

← Browse all CVEs View on cve.org ↗