Package: php4 Version: 4:4.4.2-1 Severity: grave Three security vulnerabilites have been found in php. See http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02
i. PHP4/PHP5 wordwrap() buffer overflow CVE-2006-1990: Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396. ii. PHP4/PHP5 array_fill() DoS condition Function array_fill() fills an array with 'num' entries with the value of the 'value' parameter keys starting at the 'start_index' parameter. It is possible to set a large 'num' value (counter for while() loop) that will consume whole system memory in a few seconds and make system unusable. It is important to notice that large memory consumption is possible only on systems that have high value of 'memory_limit' set in php.ini. iii. PHP5 substr_compare() DoS condition CVE-2006-1991 The substr_compare function in string.c in PHP 4.4.2 and 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
