php: multiple vulnerabilities [LWN.net]

Package(s):

php

CVE #(s):

CVE-2010-2190 CVE-2010-1914 CVE-2010-1915

Created:

August 24, 2010

Updated:

October 6, 2010

Description:

From the CVE entries:

The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature. (CVE-2010-2190)

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_function), or (3) ZEND_SR opcode (shift_right_function), related to the convert_to_long_base function. (CVE-2010-1914)

The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature, modification of ZVALs whose values are not updated in the associated local variables, and access of previously-freed memory. (CVE-2010-1915)

Alerts:

Ubuntu	USN-1231-1	php5	2011-10-18
Gentoo	201110-06	php	2011-10-10
SUSE	SUSE-SR:2010:017	java-1_4_2-ibm, sudo, libpng, php5, tgt, iscsitarget, aria2, pcsc-lite, tomcat5, tomcat6, lvm2, libvirt, rpm, libtiff, dovecot12	2010-09-21
openSUSE	openSUSE-SU-2010:0599-1	php5	2010-09-10
Fedora	FEDORA-2010-11428	maniadrive	2010-07-27
Fedora	FEDORA-2010-11481	maniadrive	2010-07-27
Fedora	FEDORA-2010-11428	php-eaccelerator	2010-07-27
Fedora	FEDORA-2010-11481	php-eaccelerator	2010-07-27
Fedora	FEDORA-2010-11428	php	2010-07-27
Fedora	FEDORA-2010-11481	php	2010-07-27
openSUSE	openSUSE-SU-2010:0678-1	php5	2010-09-29
SUSE	SUSE-SR:2010:018	samba libgdiplus0 libwebkit bzip2 php5 ocular	2010-10-06