The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter).
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2010-11-09 19:00
Updated : 2011-05-03 19:52
NVD link : CVE-2010-4156
Mitre link : CVE-2010-4156
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
scottmac
- libmbfl
php
- php