9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.317 Low
EPSS
Percentile
96.5%
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.
A response-splitting issue was discovered in the PHP session handling. If
a remote attacker can force a carefully crafted session identifier to be
used, a cross-site-scripting or response-splitting attack could be
possible. (CVE-2006-3016)
A buffer overflow was discovered in the PHP sscanf() function. If a script
used the sscanf() function with positional arguments in the format string,
a remote attacker sending a carefully crafted request could execute
arbitrary code as the ‘apache’ user. (CVE-2006-4020)
An integer overflow was discovered in the PHP wordwrap() and str_repeat()
functions. If a script running on a 64-bit server used either of these
functions on untrusted user data, a remote attacker sending a carefully
crafted request might be able to cause a heap overflow. (CVE-2006-4482)
A buffer overflow was discovered in the PHP gd extension. If a script was
set up to process GIF images from untrusted sources using the gd extension,
a remote attacker could cause a heap overflow. (CVE-2006-4484)
An integer overflow was discovered in the PHP memory allocation handling.
On 64-bit platforms, the “memory_limit” setting was not enforced correctly,
which could allow a denial of service attack by a remote user. (CVE-2006-4486)
Users of PHP should upgrade to these updated packages which contain
backported patches to correct these issues. These packages also contain a
fix for a bug where certain input strings to the metaphone() function could
cause memory corruption.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | php-mysql | < 4.3.9-3.18 | php-mysql-4.3.9-3.18.s390x.rpm |
RedHat | any | s390x | php-ldap | < 4.3.9-3.18 | php-ldap-4.3.9-3.18.s390x.rpm |
RedHat | any | i386 | php-imap | < 4.3.9-3.18 | php-imap-4.3.9-3.18.i386.rpm |
RedHat | any | ppc | php-ldap | < 4.3.9-3.18 | php-ldap-4.3.9-3.18.ppc.rpm |
RedHat | any | i386 | php-devel | < 4.3.9-3.18 | php-devel-4.3.9-3.18.i386.rpm |
RedHat | any | i386 | php-xmlrpc | < 4.3.9-3.18 | php-xmlrpc-4.3.9-3.18.i386.rpm |
RedHat | any | ia64 | php-gd | < 4.3.9-3.18 | php-gd-4.3.9-3.18.ia64.rpm |
RedHat | any | i386 | php-gd | < 4.3.9-3.18 | php-gd-4.3.9-3.18.i386.rpm |
RedHat | any | ppc | php-domxml | < 4.3.9-3.18 | php-domxml-4.3.9-3.18.ppc.rpm |
RedHat | any | s390x | php-mbstring | < 4.3.9-3.18 | php-mbstring-4.3.9-3.18.s390x.rpm |