Description

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_function), or (3) ZEND_SR opcode (shift_right_function), related to the convert_to_long_base function.

Remediation

References

CVE-2010-1914

Related Vulnerabilities

MySQL CVE-2018-3077 Vulnerability (CVE-2018-3077)

WordPress Plugin Gallery PhotoBlocks Cross-Site Scripting (1.1.50)

MySQL CVE-2020-14870 Vulnerability (CVE-2020-14870)

TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842)

PostgreSQL Other Vulnerability (CVE-2015-3165)

Severity

Medium

Classification

CVE-2010-1914 CWE-200

Tags

Missing Update Known Vulnerabilities