Advertisement

GStreamer Conference 2013, 22-23 Oct, Edinburgh

GStreamer, Embedded Linux, Android, VoD, Smooth Streaming, DRM, RTSP, HEVC, PulseAudio, OpenGL. Register now to attend.

Create an account

Subscribe to LWN

Shumway lands in Firefox

LWN.net Weekly Edition for October 3, 2013

Integrity and embedded devices

NUMA scheduling progress

LWN.net Weekly Edition for September 26, 2013

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

php: code execution

Package(s):

php

CVE #(s):

CVE-2013-2110

Created:

June 11, 2013

Updated:

June 24, 2013

Description:

From the Slackware advisory:

A heap-based overflow in the quoted_printable_encode() function could be used by a remote attacker to crash PHP or execute code as the 'apache' user.

Alerts:

Slackware	SSA:2013-161-01	2013-06-10
Ubuntu	USN-1872-1	2013-06-11
Mageia	MGASA-2013-0172	2013-06-18
Mageia	MGASA-2013-0176	2013-06-19
Fedora	FEDORA-2013-10233	2013-06-23

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds