Red Hat Bugzilla – Bug 618366
CVE-2010-1862 php: chunk_split interruption vulnerability (MOPS-2010-008)
Last modified: 2015-08-19 04:51:30 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-1862 to the following vulnerability:
The chunk_split function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.
Created attachment 434505 [details]
Fixed via zend_parse_parameters() change that addressed couple of other MOPS
issues - see bug #617578, comment #2.
Closing this, see bug #617578, comment #3 for more detailed explanation.
*** This bug has been marked as a duplicate of bug 169857 ***
Red Hat does not consider interruption issues allowing safe_mode / open_basedir
restriction bypass to be security sensitive. For more details see