CVE-2010-2531

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion.

References

http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html

http://marc.info/?l=bugtraq&m=130331363227777&w=2

http://marc.info/?l=bugtraq&m=133469208622507&w=2

http://secunia.com/advisories/42410

http://support.apple.com/kb/HT4312

http://support.apple.com/kb/HT4435

http://svn.php.net/viewvc/php/php-src/trunk/ext/standard/tests/general_functions/var_export_error2.phpt?view=log&pathrev=301143

http://www.debian.org/security/2011/dsa-2266

http://www.openwall.com/lists/oss-security/2010/07/13/1

http://www.openwall.com/lists/oss-security/2010/07/16/3

http://www.php.net/archive/2010.php#id2010-07-22-1

http://www.php.net/archive/2010.php#id2010-07-22-2

http://www.redhat.com/support/errata/RHSA-2010-0919.html

http://www.vupen.com/english/advisories/2010/3081

https://bugzilla.redhat.com/show_bug.cgi?id=617673

Details

Source: MITRE

Published: 2010-08-20

Updated: 2016-08-23

Type: CWE-200

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (24 total)

IDNameProductFamilySeverity
75429openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0599-1)NessusSuSE Local Security Checks
high
68150Oracle Linux 4 / 5 : php (ELSA-2010-0919)NessusOracle Linux Local Security Checks
medium
60908Scientific Linux Security Update : php on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
56459GLSA-201110-06 : PHP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
55486Debian DSA-2266-1 : php5 - several vulnerabilitiesNessusDebian Local Security Checks
high
53532HP System Management Homepage < 6.3 Multiple VulnerabilitiesNessusWeb Servers
critical
50890SuSE 11 / 11.1 Security Update : Apache 2 (SAT Patch Numbers 2880 / 2881)NessusSuSE Local Security Checks
high
50862CentOS 4 / 5 : php (CESA-2010:0919)NessusCentOS Local Security Checks
medium
50841RHEL 4 / 5 : php (RHSA-2010:0919)NessusRed Hat Local Security Checks
medium
800791Mac OS X 10.6 < 10.6.5 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5705Mac OS X 10.6 < 10.6.5 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
50549Mac OS X Multiple Vulnerabilities (Security Update 2010-007)NessusMacOS X Local Security Checks
high
50548Mac OS X 10.6.x < 10.6.5 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
49830SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7110)NessusSuSE Local Security Checks
high
49752openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0678-1)NessusSuSE Local Security Checks
high
49306Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : php5 vulnerabilities (USN-989-1)NessusUbuntu Local Security Checks
high
49210openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0599-1)NessusSuSE Local Security Checks
high
48424Mac OS X Multiple Vulnerabilities (Security Update 2010-005)NessusMacOS X Local Security Checks
high
48245PHP 5.3 < 5.3.3 Multiple VulnerabilitiesNessusCGI abuses
high
48244PHP 5.2 < 5.2.14 Multiple VulnerabilitiesNessusCGI abuses
high
48198Mandriva Linux Security Advisory : php (MDVSA-2010:140)NessusMandriva Local Security Checks
high
48197Mandriva Linux Security Advisory : php (MDVSA-2010:139)NessusMandriva Local Security Checks
high
801070PHP < 5.3.3 / 5.2.14 Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high
5616PHP < 5.2.14 / 5.3.x < 5.3.3 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high