PHP str_replace() Function Unspecified Overflow

2007-02-09T07:18:50
ID OSVDB:34711
Type osvdb
Reporter OSVDB
Modified 2007-02-09T07:18:50

Description

Solution Description

Upgrade to version 4.4.5, 5.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.php.net/
Vendor Specific News/Changelog Entry: http://www.php.net/releases/5_2_1.php
Vendor Specific News/Changelog Entry: http://www.php.net/ChangeLog-5.php#5.2.1
Vendor Specific Advisory URL
Secunia Advisory ID: 24089
Secunia Advisory ID: 24241
Secunia Advisory ID: 24284
Secunia Advisory ID: 24295
Secunia Advisory ID: 24421
Secunia Advisory ID: 24195
Secunia Advisory ID: 24282
Secunia Advisory ID: 24514
Secunia Advisory ID: 24217
Secunia Advisory ID: 24326
Secunia Advisory ID: 24419
Secunia Advisory ID: 24432
Secunia Advisory ID: 24606
Secunia Advisory ID: 26048
Secunia Advisory ID: 24236
Secunia Advisory ID: 24248
Secunia Advisory ID: 24322
Secunia Advisory ID: 24642
Secunia Advisory ID: 24945
Related OSVDB ID: 32763
Related OSVDB ID: 34706
Related OSVDB ID: 34709
Related OSVDB ID: 34712
Related OSVDB ID: 34715
Related OSVDB ID: 32762
Related OSVDB ID: 32766
Related OSVDB ID: 32768
Related OSVDB ID: 34710
Related OSVDB ID: 32764
Related OSVDB ID: 32767
Related OSVDB ID: 34707
Related OSVDB ID: 34713
Related OSVDB ID: 34708
Related OSVDB ID: 34714
RedHat RHSA: RHSA-2007:0076
RedHat RHSA: RHSA-2007:0081
RedHat RHSA: RHSA-2007:0089
Other Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
Other Advisory URL: http://fedoranews.org/cms/node/2681
Other Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-April/000176.html
Other Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
Other Advisory URL: https://lists.ubuntu.com/archives/ubuntu-security-announce/2007-February/000487.html
Other Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.535756
Other Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200703-21.xml
Other Advisory URL: http://www.us.debian.org/security/2007/dsa-1264
Other Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
Other Advisory URL: http://fedoranews.org/cms/node/2720
Other Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-February/000154.html
Other Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:048
Other Advisory URL: http://www.trustix.org/errata/2007/0009/
CVE-2007-0906