Unrated severityNVD Advisory· Published Nov 9, 2010· Updated Jun 16, 2026
CVE-2010-3436
CVE-2010-3436
Description
fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 4 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
- osv-coords3 versionspkg:rpm/opensuse/php5&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php7&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php8&distro=openSUSE%20Tumbleweed
< 5.6.28-1.1+ 2 more
- (no CPE)range: < 5.6.28-1.1
- (no CPE)range: < 7.0.14-1.4
- (no CPE)range: < 8.0.11-1.1
Patches
Vulnerability mechanics
References
19- svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.cnvdPatchVendor Advisory
- svn.php.net/viewvcnvdPatchVendor Advisory
- lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlnvdMailing ListThird Party Advisory
- lists.apple.com/archives/security-announce/2011/Mar/msg00006.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/42729nvdThird Party Advisory
- secunia.com/advisories/42812nvdThird Party Advisory
- security-tracker.debian.org/tracker/CVE-2010-3436nvdThird Party Advisory
- slackware.com/security/viewer.phpnvdThird Party Advisory
- support.apple.com/kb/HT4581nvdThird Party Advisory
- support.apple.com/kb/HT5002nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.php.net/ChangeLog-5.phpnvdVendor Advisory
- www.php.net/archive/2010.phpnvdVendor Advisory
- www.php.net/releases/5_2_15.phpnvdVendor Advisory
- www.php.net/releases/5_3_4.phpnvdVendor Advisory
- www.securityfocus.com/bid/44723nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1042-1nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/3313nvdPermissions Required
- www.vupen.com/english/advisories/2011/0077nvdPermissions Required
News mentions
0No linked articles in our index yet.