Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : php5 vulnerabilities (USN-628-1)

It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...

CVE-2008-2829

phpimap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related...