PHP Zip URL Wrapper Stack Buffer Overflow Vulnerability

PHP is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue affects PHP 5.2.0 and PHP with PECL ZIP <= 1.8.3.


Privacy Statement
Copyright 2010, SecurityFocus