EUVD-2007-4642

Malware in sbrugna...

SuSE9 Security Update : PHP4 (YOU Patch Number 12049)

This update fixes multiple bugs in php : - several problems in pcre CVE-2007-1660, CVE-2006-7225, CVE-2006-7224, CVE-2006-7226 CVE-2007-1659, CVE-2006-7230 - Flaws in processing multi byte sequences in htmlentities/htmlspecialchars. CVE-2007-5898 - overly long arguments to the dl function could...

Mandriva Linux Security Advisory : php (MDVSA-2008:126)

A number of vulnerabilities have been found and corrected in PHP : PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with 'S:', which did not properly track the number of input bytes being...

Mandriva Update for php MDVSA-2008:126 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Mandriva Update for php MDVSA-2008:126 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-4810)

This update fixes multiple bugs in php : - use system pcre library to fix several pcre vulnerabilities CVE-2007-1659, CVE-2006-7230, CVE-2007-1660, CVE-2006-7227 CVE-2005-4872, CVE-2006-7228 - Flaws in processing multi byte sequences in htmlentities/htmlspecialchars CVE-2007-5898 - overly long...

Debian DSA-1444-2 : php5 - several vulnerabilities

It was discovered that the patch for CVE-2007-4659 could lead to regressions in some scenarios. The fix has been reverted for now, a revised update will be provided in a future PHP DSA. For reference the original advisory below : Several remote vulnerabilities have been discovered in PHP, a...

RHEL 2.1 : php (RHSA-2007:0888)

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server...

Moderate: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Application Stack. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The...

php security update

CentOS Errata and Security Advisory CESA-2007:0889 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting languag...

CentOS 4 / 5 : php (CESA-2007:0890)

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

Heap overflow

The chunksplit function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is...

CVE-2007-4661

The chunksplit function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is...

CVE-2007-4660

Unspecified vulnerability in the chunksplit function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation...

CVE-2007-4661

CVE-2007-4661 affects PHP 5.2.3: the chunk_split function miscomputes the required buffer size due to precision loss in floating point arithmetic, which can lead to a heap-based buffer overflow. The description notes this stems from an incomplete fix for CVE-2007-2872 and lists the impact as unkn...

Integer overflow

Multiple integer overflows in the chunksplit function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service crash or execute arbitrary code via the 1 chunks, 2 srclen, and 3 chunklen arguments...

CVE-2007-2872

CVE-2007-2872: Multiple integer overflows in PHP’s chunk_split function affect PHP 5 prior to 5.2.3 and PHP 4 prior to 4.4.8. An attacker can provide crafted values for the third argument (chunklen) and related parameters (chunks, srclen) to trigger a crash or potentially execute arbitrary code r...