EUVD-2007-1883

Malware in sbrugna...

SUSE CVE-2007-1889

Integer signedness error in the zendmmallocint function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msgreceive wi...

Internet Bug Bounty: Heap Overflow Due To Integer Overflow

Bug reported : https://bugs.php.net/bug.php?id=72455 PHPFUNCTIONmdecryptgeneric snip int blocksize, datasize; // signed int / Check blocksize / if mcryptencisblockmodepm-td == 1 / It's a block algorithm / blocksize = mcryptencgetblocksizepm-td; datasize = intdatalen - 1 / blocksize + 1 blocksize;...

CVE-2007-1889

Integer signedness error in the zendmmallocint function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msgreceive wi...

Inaccurate Reports Concerning PHP Vulnerabilities

There have been a number of reports circulating about possible vulnerabilities in PHP. I'm going to address them one-by-one: Integer Overflow in socketiovecalloc WRONG! This is a Null-pointer de-reference: EAX = 00000000 EDI = 41414141 0085353A 8B 38 mov edi,dword ptr eax The access violation...

Inaccurate Reports Concerning PHP Vulnerabilities

There have been a number of reports circulating about possible vulnerabilities in PHP. I'm going to address them one-by-one: Integer Overflow in socketiovecalloc WRONG! This is a Null-pointer de-reference: EAX = 00000000 EDI = 41414141 0085353A 8B 38 mov edi,dword ptr eax The access violation...