LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

php: multiple vulnerabilities

Package(s):php CVE #(s):CVE-2006-1990 CVE-2006-1991 CVE-2006-3017
Created:May 25, 2006 Updated:August 18, 2006
Description: The php wordwrap() function is vulnerable to an integer overflow. Attackers can submit long arguments to cause a heap-based buffer overflow, allowing arbitrary code execution.

PHP 5.x and PHP 4.4.2 have a problem with the substr_compare() function. An attacker can use an out-of-bounds offset argument to cause a memory access violation, causing a denial of service.

A bug in zend_hash_del() allowed attackers to prevent unsetting of some variables

Alerts:
Slackware SSA:2006-217-01 2006-08-07
Gentoo 200605-08:02 2006-05-08
Fedora-Legacy FLSA:175040 2006-07-27
Ubuntu USN-320-2 2006-07-26
Red Hat RHSA-2006:0567-01 2006-07-25
Ubuntu USN-320-1 2006-07-19
Red Hat RHSA-2006:0568-01 2006-07-12
Mandriva MDKSA-2006:122 2006-07-13
SuSE SUSE-SA:2006:034 2006-06-22
SuSE SUSE-SA:2006:031 2006-06-14
Mandriva MDKSA-2006:091 2006-05-24
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds