PHP zend_hash_del() Variable Unsetting Unspecified Issue

2006-06-15T09:19:07
ID OSVDB:26466
Type osvdb
Reporter Suse Security Announce()
Modified 2006-06-15T09:19:07

Description

Vulnerability Description

PHP contains a flaw related to the zend_hash_del() variable that may allow an attacker to compromise a vulnerable system. No further details have been provided.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, a patch has been released to address this vulnerability.

Short Description

PHP contains a flaw related to the zend_hash_del() variable that may allow an attacker to compromise a vulnerable system. No further details have been provided.

References:

Vendor URL: http://www.php.net/ Vendor Specific News/Changelog Entry: http://www.php.net/release_4_4_3.php Vendor Specific News/Changelog Entry: http://www.php.net/release_5_1_3.php Vendor Specific Advisory URL Secunia Advisory ID:22713 Secunia Advisory ID:22225 Secunia Advisory ID:20676 Secunia Advisory ID:21328 Other Advisory URL: https://issues.rpath.com/browse/RPL-683 Other Advisory URL: http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html Other Advisory URL: http://www.us.debian.org/security/2006/dsa-1206 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0166.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-08/0426.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-08/0524.html CVE-2006-2657 CVE-2006-3017 CVE-2006-4548