remote code execution in php4, php5

2008-01-29T14:18:48
ID SUSE-SA:2008:004
Type suse
Reporter Suse
Modified 2008-01-29T14:18:48

Description

php5 was updated to version 5.2.5 to fix several security vulnerabilities. For php4 on SLES9 the patches were backported. - php4 on SLES9 and php5 on SLES10/10.1 contained a copy of the pcre library which was vulnerable to several security issues. On SLES9 the included library was patched. SLES10/10.1 now uses the system pcre library. 10.2 and 10.3 already used the system pcre library before. (CVE-2007-1659, CVE-2006-7230, CVE-2007-1660, CVE-2006-7227 CVE-2005-4872, CVE-2006-7228) - flaws in processing multi byte sequences in htmlentities/htmlspecialchars (CVE-2007-5898) - overly long arguments to the dl() function could crash php (CVE-2007-4825) - overy long arguments to the glob() function could crash php (CVE-2007-4782) - overly long arguments to some iconv functions could crash php (CVE-2007-4840) - overy long arguments to the setlocale() function could crash php (CVE-2007-4784) - the wordwrap-function could cause a floating point exception (CVE-2007-3998) - overy long arguments to the fnmatch() function could crash php (CVE-2007-4782) - incorrect size calculation in the chunk_split function could lead to a buffer overflow (CVE-2007-4661) - flaws in the GD extension could lead to integer overflows (CVE-2007-3996) - the money_format function contained format string flaws (CVE-2007-4658)

Solution

There is no known workaround, please install the update packages.