PHP Zip Extract method denial of service vulnerability-vulnerability warning-the black bar safety net

2010-12-22T00:00:00
ID MYHACK58:62201028643
Type myhack58
Reporter 佚名
Modified 2010-12-22T00:00:00

Description

Affected system: PHP PHP 5.3.3 PHP PHP 5.3.2 PHP PHP 5.3.1 PHP PHP 5.3 PHP PHP 5.2 - 5.3.2 Not affected system: PHP PHP 5.3.4 PHP PHP 5.2.15 Description: --------------------------------------------------------------------------------

BUGTRAQ ID: 4 5 3 3 5

PHP is a widely-used General-purpose scripting language that is especially suited for Web development and can be embedded into HTML.

PHP Zip Extract method is implemented on the presence of the vulnerability, an attacker can exploit this vulnerability to cause the application to crash, denial of service attacks.

<**>

Recommendations: -------------------------------------------------------------------------------- Manufacturers patch:

PHP --- The current vendors have released an upgrade patch to fix this security issue, please go to the manufacturers home page download:

http://www.php.net