[php-maint] Bug#391586: Security: Possible remote-code execution via integer overflow (CVE-2006-4812)

debian-bts at spamblock.netzgehirn.de debian-bts at spamblock.netzgehirn.de
Sat Oct 7 14:32:52 CEST 2006


Package: php5
Version: all
Severity: critical
Tags: security, fixed-upstream

See
http://www.heise-security.co.uk/news/79145
and
http://rhn.redhat.com/errata/RHSA-2006-0708.html

"An integer overflow was discovered in the PHP memory handling routines. If
a script can cause memory allocation based on untrusted user data, a remote
attacker sending a carefully crafted request could execute arbitrary code
as the 'apache' user. (CVE-2006-4812)"

and

http://archives.mandrivalinux.com/security-announce/2006-10/msg00004.php

Fixed upstream:
http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_alloc.c?r1=1.161&r2=1.162

Old versions of PHP4 are possibly also affected.



