PHP Session Extension Heap Corruption Issue

2006-05-01T00:00:00
ID OSVDB:25254
Type osvdb
Reporter OSVDB
Modified 2006-05-01T00:00:00

Description

Vulnerability Description

PHP contains a flaw related to session extension that may allow an attacker to cause a heap corruption. No further details have been provided.

Solution Description

Upgrade to version 5.1.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

PHP contains a flaw related to session extension that may allow an attacker to cause a heap corruption. No further details have been provided.

References:

Vendor URL: http://www.php.net/ Vendor Specific News/Changelog Entry: http://www.php.net/release_5_1_3.php Vendor Specific Advisory URL Security Tracker: 1016306 Secunia Advisory ID:19927 Secunia Advisory ID:21050 Secunia Advisory ID:21125 Related OSVDB ID: 25253 Related OSVDB ID: 25255 Other Advisory URL: http://www.ubuntu.com/usn/usn-320-1 CVE-2006-3018