PHP ibase_blob_get() Function Overflow

2003-08-25T00:00:00
ID OSVDB:11670
Type osvdb
Reporter OSVDB
Modified 2003-08-25T00:00:00

Description

Vulnerability Description

PHP contains a flaw that may allow an attacker to gain elevated privileges. The issue is due to the ibase_blob_get() function not properly sanitizing user-supplied input. By passing an overly long string to the function, an attacker can trigger a buffer overflow and execute arbitrary code.

Solution Description

Upgrade to version 4.3.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://bugs.php.net/bug.php?id=24224
Vendor Specific News/Changelog Entry: http://www.php.net/ChangeLog-4.php#4.3.3
Vendor Specific Advisory URL
Related OSVDB ID: 11671
ISS X-Force ID: 13437
CVE-2003-0860