N/A

The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature, modification of ZVALs whose values are not updated in the associated local variables, and access of previously-freed memory.

N/A

N/A

PHP preg_quote函数信息泄露漏洞

PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP 5.2和5.3的preg_quote函数存在漏洞，上下文依赖的攻击者可引发内部函数的用户空间中断，获取敏感信息(内存内容)，与函数调用时传递引用特性相关，修改本地相关变量中未更新的ZVALs值，并访问先前释放的内存。

N/A

N/A