PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.
An integer overflow was discovered in the PHP memory handling routines. If
a script can cause memory allocation based on untrusted user data, a remote
attacker sending a carefully crafted request could execute arbitrary code
as the ‘apache’ user. (CVE-2006-4812)
This issue did not affect the PHP packages distributed with Red Hat
Enterprise Linux 3 or 4.
Users of PHP should upgrade to these updated packages which contain a
backported patch that corrects this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | php-devel | < 4.1.2-2.12 | php-devel-4.1.2-2.12.ia64.rpm |
RedHat | any | ia64 | php-manual | < 4.1.2-2.12 | php-manual-4.1.2-2.12.ia64.rpm |
RedHat | any | i386 | php-imap | < 4.1.2-2.12 | php-imap-4.1.2-2.12.i386.rpm |
RedHat | any | i386 | php-ldap | < 4.1.2-2.12 | php-ldap-4.1.2-2.12.i386.rpm |
RedHat | any | ia64 | php-imap | < 4.1.2-2.12 | php-imap-4.1.2-2.12.ia64.rpm |
RedHat | any | ia64 | php-odbc | < 4.1.2-2.12 | php-odbc-4.1.2-2.12.ia64.rpm |
RedHat | any | i386 | php-odbc | < 4.1.2-2.12 | php-odbc-4.1.2-2.12.i386.rpm |
RedHat | any | i386 | php | < 4.1.2-2.12 | php-4.1.2-2.12.i386.rpm |
RedHat | any | i386 | php-manual | < 4.1.2-2.12 | php-manual-4.1.2-2.12.i386.rpm |
RedHat | any | ia64 | php-mysql | < 4.1.2-2.12 | php-mysql-4.1.2-2.12.ia64.rpm |