PHP 'phar/tar.c' Heap Buffer Overflow Vulnerability

Bugtraq ID: 47545
Class: Boundary Condition Error
CVE: CVE-2012-2386
Remote: Yes
Local: No
Published: Apr 22 2011 12:00AM
Updated: Sep 24 2012 01:20PM
Credit: Alexander Gavrun
Vulnerable: Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 11.10 i386
Ubuntu Ubuntu Linux 11.10 amd64
Ubuntu Ubuntu Linux 11.04 powerpc
Ubuntu Ubuntu Linux 11.04 i386
Ubuntu Ubuntu Linux 11.04 ARM
Ubuntu Ubuntu Linux 11.04 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise Server for VMware 11 SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise SDK 11 SP2
RedHat Enterprise Linux Desktop Workstation 5 client
Red Hat Fedora 16
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux 5 Server
PHP PHP 5.4.3
PHP PHP 5.4.2
PHP PHP 5.3.13
PHP PHP 5.3.12
PHP PHP 5.3.9
PHP PHP 5.3.8
PHP PHP 5.3.7
PHP PHP 5.3.6
PHP PHP 5.3.5
PHP PHP 5.3.2
PHP PHP 5.3.1
PHP PHP 5.3
PHP PHP 5.2.17
PHP PHP 5.2.15
PHP PHP 5.2.13
PHP PHP 5.2.12
PHP PHP 5.2.11
PHP PHP 5.2.10
PHP PHP 5.2.9 -2
PHP PHP 5.2.9
PHP PHP 5.2.8
PHP PHP 5.2.7
PHP PHP 5.2.6
PHP PHP 5.2.5
PHP PHP 5.2.4
PHP PHP 5.2.3
PHP PHP 5.2.2
PHP PHP 5.2.1
PHP PHP 5.1.6
PHP PHP 5.1.5
PHP PHP 5.1.4
PHP PHP 5.1.3 -RC1
PHP PHP 5.1.3
PHP PHP 5.1.2
+ Ubuntu Ubuntu Linux 6.06 LTS sparc
+ Ubuntu Ubuntu Linux 6.06 LTS powerpc
+ Ubuntu Ubuntu Linux 6.06 LTS i386
+ Ubuntu Ubuntu Linux 6.06 LTS amd64
PHP PHP 5.1.1
PHP PHP 5.1
PHP PHP 5.0.5
PHP PHP 5.0.4
PHP PHP 5.0.3
PHP PHP 5.0.2
PHP PHP 5.0.1
PHP PHP 5.0 .0
PHP PHP 5.4.1RC1-DEV
PHP PHP 5.3.4 RC1
PHP PHP 5.3.4
PHP PHP 5.3.3
PHP PHP 5.3.11
PHP PHP 5.3.10
PHP PHP 5.2.14
PHP PHP 5.2
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Oracle Enterprise Linux 5
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Kolab Kolab Groupware Server 2.2.4
Kolab Kolab Groupware Server 2.2.3
Kolab Kolab Groupware Server 2.2.2
Kolab Kolab Groupware Server 2.2
Kolab Kolab Groupware Server 2.1
Kolab Kolab Groupware Server 2.0.4
Kolab Kolab Groupware Server 2.0.3
Kolab Kolab Groupware Server 2.0.2
Kolab Kolab Groupware Server 2.0.1
Kolab Kolab Groupware Server 2.3.1
Kolab Kolab Groupware Server 2.2-rc3
Kolab Kolab Groupware Server 2.2-rc1
Kolab Kolab Groupware Server 2.2 beta3
Kolab Kolab Groupware Server 2.2 beta1
Kolab Kolab Groupware Server 2.2 -rc2
Kolab Kolab Groupware Server 2.1beta2
Kolab Groupware Server 2.1.beta3
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.2
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7
Apple Mac Os X Server 10.6.8
Apple Mac Os X 10.7.4
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Not Vulnerable: Kolab Kolab Groupware Server 2.3.2


 

Privacy Statement
Copyright 2010, SecurityFocus