[php-maint] Bug#382256: php5: CVE-2006-4020: arbitrary code execution in php

Stefan Fritsch sf at sfritsch.de
Wed Aug 9 19:11:26 UTC 2006

Package: php5
Severity: grave
Tags: security
Justification: user security hole

scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows
context-dependent attackers to execute arbitrary code via a sscanf PHP
function call that performs argument swapping, which increments an
index past the end of an array and triggers a buffer over-read.

patch is at 

Please mention the CVE-id in the changelog

More information about the pkg-php-maint mailing list