Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2010-1868

Disclosure Date: May 07, 2010
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Technical Analysis