PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities

The PHP Mysqlnd extension is prone to an information-disclosure vulnerability and multiple buffer-overflow vulnerabilities.

Successful exploits can allow attackers to obtain sensitive information or to execute arbitrary code in the context of applications using the vulnerable PHP functions. Failed attempts may lead to a denial-of-service condition.

PHP 5.3 through 5.3.2 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus