PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities

PHP is prone to multiple buffer-overflow vulnerabilities because it fails to effectively bounds-check user-supplied input before copying it to an insufficiently sized buffer.

An attacker could exploit these issues to have arbitrary code execute in the context of an affected webserver. This may lead to the compromise of the webserver. Failed exploit attempts could cause denial-of-service conditions, denying access to legitimate users.

Only limited information is available regarding these issues. This BID will be updated as more information becomes available.

PHP 5 is vulnerable to these issues.

NOTE: The affected functions are employed by a large number of popular PHP libraries. As a result, there are many PHP applications affected by this issue.


Privacy Statement
Copyright 2010, SecurityFocus