Debian Security Advisory 1444-2 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. It was discovered that the patch for CVE-2007-4659 could lead to regressions in some scenarios. The fix has been reverted for now, a revised update will be provided in a future PHP DSA.
dda79c6d77254050d19f65dcad2c8f912bd1eaafbc90711f0b3651b4cf9362f5Debian Security Advisory 1444-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language.
e011051596ddd3a8f90e9d2879e9c2deb16475061948bea707a9778931608245Ubuntu Security Notice 549-2 - USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10.
9a0a4a1d82e27e9d74bb5eb17c3168dc8ab295a00a313b9b1b95a786a5cb345fUbuntu Security Notice 549-1 - Various integer overflows, arbitrary code execution, and denial of service vulnerabilities have been fixed in PHP 5.
82dae6b629e189b7e2d3dfbad033c409a70c0f0886d117b786a64d4164df2e82Gentoo Linux Security Advisory GLSA 200710-02 - Several vulnerabilities were found in PHP. Mattias Bengtsson and Philip Olausson reported integer overflows in the gdImageCreate() and gdImageCreateTrueColor() functions of the GD library which can cause heap-based buffer overflows. Gerhard Wagner discovered an integer overflow in the chunk_split() function that can lead to a heap-based buffer overflow. Its incomplete fix caused incorrect buffer size calculation due to precision loss, also resulting in a possible heap-based buffer overflow. A buffer overflow in the sqlite_decode_binary() of the SQLite extension found by Stefan Esser that was addressed in PHP 5.2.1 was not fixed correctly. Versions less than 5.2.4_p20070914-r2 are affected.
0954c820cef174c83409c66ee739a3d9955c800b776a51d4b17c9452a9f19875
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed