PHP 'php/ext/xml/xml.c' Integer Overflow Vulnerability

Bugtraq ID: 44889
Class: Boundary Condition Error
CVE: CVE-2009-5016
Remote: Yes
Local: No
Published: Oct 15 2010 12:00AM
Updated: Apr 13 2015 09:50PM
Credit: sirdarckcat
Vulnerable: Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 ARM
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5 Server
PHP PHP 5.2.10
PHP PHP 5.2.9 -2
PHP PHP 5.2.9
PHP PHP 5.2.8
PHP PHP 5.2.7
PHP PHP 5.2.6
PHP PHP 5.2.5
PHP PHP 5.2.4
PHP PHP 5.2.3
PHP PHP 5.2.2
PHP PHP 5.2.1
PHP PHP 5.1.6
PHP PHP 5.1.5
PHP PHP 5.1.4
PHP PHP 5.1.3 -RC1
PHP PHP 5.1.3
PHP PHP 5.1.2
+ Ubuntu Ubuntu Linux 6.06 LTS sparc
+ Ubuntu Ubuntu Linux 6.06 LTS powerpc
+ Ubuntu Ubuntu Linux 6.06 LTS i386
+ Ubuntu Ubuntu Linux 6.06 LTS amd64
PHP PHP 5.1.1
PHP PHP 5.1
PHP PHP 5.0.5
PHP PHP 5.0.4
PHP PHP 5.0.3
PHP PHP 5.0.2
PHP PHP 5.0.1
PHP PHP 5.0 candidate 3
PHP PHP 5.0 candidate 2
PHP PHP 5.0 candidate 1
PHP PHP 5.0 .0
PHP PHP 4.4.9
PHP PHP 4.4.8
PHP PHP 4.4.7
- Slackware Linux 10.2
- Slackware Linux 11.0
- Slackware Linux -current
PHP PHP 4.4.6
PHP PHP 4.4.5
PHP PHP 4.4.4
PHP PHP 4.4.3
PHP PHP 4.4.2
PHP PHP 4.4.1
PHP PHP 4.4 .0
PHP PHP 4.3.11
PHP PHP 4.3.10
+ Gentoo Linux
+ Red Hat Fedora Core3
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
+ Trustix Secure Linux 1.5
PHP PHP 4.3.9
PHP PHP 4.3.8
PHP PHP 4.3.7
PHP PHP 4.3.6
PHP PHP 4.3.5
PHP PHP 4.3.4
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux Personal 9.1
PHP PHP 4.3.3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ Turbolinux Home
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux Desktop 10.0
PHP PHP 4.3.2
PHP PHP 4.3.1
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ OpenPKG OpenPKG Current
+ S.u.S.E. Linux Personal 8.2
PHP PHP 4.3
PHP PHP 4.2.3
+ EnGarde Secure Linux 1.0.1
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
PHP PHP 4.2.2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
+ OpenPKG OpenPKG 1.1
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0
+ S.u.S.E. Linux 8.1
PHP PHP 4.2.1
- FreeBSD FreeBSD 4.6
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
+ Slackware Linux 8.1
PHP PHP 4.2 .0
PHP PHP 4.2 -dev
PHP PHP 4.1.2
+ Apple Mac OS X 10.1.5
+ Apple Mac OS X 10.1.4
+ Apple Mac OS X 10.1.3
+ Apple Mac OS X 10.1.2
+ Apple Mac OS X 10.1.1
+ Apple Mac OS X 10.1
+ Apple Mac OS X 10.1
+ Apple Mac OS X 10.0.4
+ Apple Mac OS X 10.0.3
+ Apple Mac OS X 10.0.2
+ Apple Mac OS X 10.0.1
+ Apple Mac OS X 10.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ MandrakeSoft Multi Network Firewall 2.0
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
PHP PHP 4.1.1
+ Conectiva Linux 7.0
PHP PHP 4.1 .0
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
PHP PHP 4.0.7 RC3
PHP PHP 4.0.7 RC2
PHP PHP 4.0.7 RC1
PHP PHP 4.0.7
PHP PHP 4.0.6
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ HP Secure OS software for Linux 1.0
- IBM AIX 4.3.3
- IBM AIX 4.3.2
- IBM AIX 4.3.1
- IBM AIX 4.3
- IBM AIX 5.1
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
+ Sun Cobalt RaQ 550
+ Sun LX50
+ Trustix Secure Linux 1.5
PHP PHP 4.0.5
PHP PHP 4.0.4
+ Compaq Compaq Secure Web Server PHP 1.0
+ Conectiva Linux 6.0
+ Guardian Digital Engarde Secure Linux 1.0.1
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
PHP PHP 4.0.3 pl1
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4 alpha
+ S.u.S.E. Linux 6.4
PHP PHP 4.0.3
PHP PHP 4.0.2
PHP PHP 4.0.1 pl2
PHP PHP 4.0.1 pl1
PHP PHP 4.0.1
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt Qube3 w/ Caching and RAID 4100WG
+ Sun Cobalt Qube3 w/Caching 4010WG
+ Sun Cobalt RaQ4 3001R
+ Sun Cobalt RaQ4 Japanese RAID 3100R-ja
+ Sun Cobalt RaQ4 RAID 3100R
PHP PHP 4.0 0
PHP PHP 5.2
+ Debian Linux 4.0 sparc
+ Debian Linux 4.0 s/390
+ Debian Linux 4.0 powerpc
+ Debian Linux 4.0 mipsel
+ Debian Linux 4.0 mips
+ Debian Linux 4.0 m68k
+ Debian Linux 4.0 ia-64
+ Debian Linux 4.0 ia-32
+ Debian Linux 4.0 hppa
+ Debian Linux 4.0 arm
+ Debian Linux 4.0 amd64
+ Debian Linux 4.0 alpha
+ Debian Linux 4.0
Not Vulnerable: PHP PHP 5.2.11


 

Privacy Statement
Copyright 2010, SecurityFocus