Description

The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.

Remediation

References

CVE-2010-2097

Related Vulnerabilities

MySQL CVE-2021-2172 Vulnerability (CVE-2021-2172)

WordPress Plugin Gravity Forms HubSpot Cross-Site Scripting (1.0.8)

Internet Information Services Integer Overflow or Wraparound Vulnerability (CVE-2008-1446)

WebLogic CVE-2016-0696 Vulnerability (CVE-2016-0696)

WordPress Plugin PDF & Print by BestWebSoft Cross-Site Scripting (2.0.2)

Severity

Medium

Classification

CVE-2010-2097 CWE-200

Tags

Missing Update Known Vulnerabilities