CVE-2010-3062
CVE-2010-3062 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a heap-based buffer overflow via a modified length value, which is not properly handled by the php_mysqlnd_rset_header_read function.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.