[php-maint] Bug#382256: php5: CVE-2006-4020: arbitrary code
execution in php
Stefan Fritsch
sf at sfritsch.de
Wed Aug 9 19:11:26 UTC 2006
Package: php5
Severity: grave
Tags: security
Justification: user security hole
CVE-2006-4020:
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows
context-dependent attackers to execute arbitrary code via a sscanf PHP
function call that performs argument swapping, which increments an
index past the end of an array and triggers a buffer over-read.
patch is at
http://bugs.php.net/bug.php?id=38322
Please mention the CVE-id in the changelog
More information about the pkg-php-maint
mailing list