7 matches found
Gentoo Security Advisory GLSA 200605-08 (php)
The remote host is missing updates announced in advisory GLSA 200605-08. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 10 Security Update : php5 (php5-1590)
This update fixes the following security issues: - invalid charactes in session names were not blocked - a bug in zendhashdel allowed attackers to prevent unsetting of some variables - bugs in the substrcompare and wordwrap function could crash php CVE-2006-1991, CVE-2006-1990 - a memory leak in...
Moderate: Red Hat Security Advisory: php security update
Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
Mandrake Linux Security Advisory : php (MDKSA-2006:091)
An integer overflow in the wordwrap function could allow attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, triggering a heap-based buffer overflow CVE-2006-1990. The substrcompare function in PHP 5.x and 4.4.2 could allow attackers to cause ...
php security update
CentOS Errata and Security Advisory CESA-2006:0501-02 Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...
Moderate: Red Hat Security Advisory: php security update
Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server...
CVE-2006-1990
CVE-2006-1990 affects PHP 4.4.2 and 5.1.2 and is caused by an integer overflow in the wordwrap function in string.c, leading to a heap-based buffer overflow in memcpy. This vulnerability could allow context-dependent attackers to execute arbitrary code. Connected documents reference PHP4/PHP5 adv...