Fedora Core 3 : php-4.3.11-2.6 (2005-517)

This update includes the PEAR XMLRPC 1.3.1 package, which fixes a security issue in the XMLRPC server implementation. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2005-1921 to this issue. The bundled version of shtool is also updated, to fix some...

CVE-2005-1042

The CVE-2005-1042 entry corresponds to an integer overflow in exif_process_IFD_TAG within PHP’s exif.c (pre-4.3.11), enabling possible remote code execution via an crafted IFD tag with a negative byte count. Connected records corroborate that PHP4/Exif-related components were affected and that mu...