Gentoo FoundationGLSA-200608-28PHP: Arbitary code execution
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
55.0%
Background
PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML.
Description
The sscanf() PHP function contains an array boundary error that can be exploited to dereference a null pointer. This can possibly allow the bypass of the safe mode protection by executing arbitrary code.
Impact
A remote attacker might be able to exploit this vulnerability in PHP applications making use of the sscanf() function, potentially resulting in the execution of arbitrary code or the execution of scripted contents in the context of the affected site.
Workaround
There is no known workaround at this time.
Resolution
All PHP 4.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-4.4.3-r1"
All PHP 5.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-5.1.4-r6"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | dev-lang/php | < 5.1.4-r6 | UNKNOWN |
Related
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
55.0%