Ubuntu 4.10 : php4 vulnerabilities (USN-99-1)

Stefano Di Paola discovered integer overflows in PHP's pack and unpack functions. A malicious PHP script could exploit these to break out of safe mode and execute arbitrary code with the privileges of the PHP interpreter. CAN-2004-1018 Note: The second part of CAN-2004-1018 buffer overflow in the...

USN-99-2: Fixed php4 packages for USN-99-1

USN-99-1 fixed a safe mode bypass which allowed malicious PHP scripts to circumvent path restrictions by creating a specially crafted directory whose length exceeded the capacity of the realpath function CAN-2004-1064. However, this caused severe regressions, some applications like SquirrelMail a...