PHP Calendar Extension 'SdnToJulian()' Remote Integer Overflow Vulnerability

PHP is prone to an integer-overflow vulnerability in the calendar extension because it fails to ensure that integer values are not overrun.

Successful exploits of this vulnerability allow remote attackers to execute arbitrary code in the context of a webserver affected by the issue. Failed attempts will likely result in denial-of-service conditions.

Versions prior to PHP 5.3.6 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus