User: Password:
|
|
Subscribe / Log in / New account

php: multiple vulnerabilities

Package(s):php CVE #(s):CVE-2006-1990 CVE-2006-1991 CVE-2006-3017
Created:May 25, 2006 Updated:August 18, 2006
Description: The php wordwrap() function is vulnerable to an integer overflow. Attackers can submit long arguments to cause a heap-based buffer overflow, allowing arbitrary code execution.

PHP 5.x and PHP 4.4.2 have a problem with the substr_compare() function. An attacker can use an out-of-bounds offset argument to cause a memory access violation, causing a denial of service.

A bug in zend_hash_del() allowed attackers to prevent unsetting of some variables

Alerts:
Slackware SSA:2006-217-01 php 2006-08-07
Gentoo 200605-08:02 PHP 2006-05-08
Fedora-Legacy FLSA:175040 php 2006-07-27
Ubuntu USN-320-2 php 2006-07-26
Red Hat RHSA-2006:0567-01 PHP 2006-07-25
Ubuntu USN-320-1 php4, php5 2006-07-19
Red Hat RHSA-2006:0568-01 PHP 2006-07-12
Mandriva MDKSA-2006:122 php 2006-07-13
SuSE SUSE-SA:2006:034 php4 2006-06-22
SuSE SUSE-SA:2006:031 PHP4,PHP5 2006-06-14
Mandriva MDKSA-2006:091 php 2006-05-24

(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds