PHP Hash_Update_File Freed Resource Access Code Execution Vulnerability

Bugtraq ID: 23062
Class: Design Error
CVE:
Remote: No
Local: Yes
Published: Mar 20 2007 12:00AM
Updated: Mar 21 2007 04:03PM
Credit: Stefan Esser discovered this vulnerability.
Vulnerable: PHP PHP 5.2.1
+ Ubuntu Ubuntu Linux 7.04 sparc
+ Ubuntu Ubuntu Linux 7.04 powerpc
+ Ubuntu Ubuntu Linux 7.04 i386
+ Ubuntu Ubuntu Linux 7.04 amd64
PHP PHP 5.1.6
+ Ubuntu Ubuntu Linux 6.10 sparc
+ Ubuntu Ubuntu Linux 6.10 powerpc
+ Ubuntu Ubuntu Linux 6.10 i386
+ Ubuntu Ubuntu Linux 6.10 amd64
PHP PHP 5.1.5
PHP PHP 5.1.4
PHP PHP 5.1.3 -RC1
PHP PHP 5.1.3
PHP PHP 5.1.2
+ Ubuntu Ubuntu Linux 6.06 LTS sparc
+ Ubuntu Ubuntu Linux 6.06 LTS powerpc
+ Ubuntu Ubuntu Linux 6.06 LTS i386
+ Ubuntu Ubuntu Linux 6.06 LTS amd64
PHP PHP 5.1.1
PHP PHP 5.1
PHP PHP 5.0.5
PHP PHP 5.0.4
PHP PHP 5.0.3
+ Trustix Secure Linux 2.2
PHP PHP 5.0.2
PHP PHP 5.0.1
PHP PHP 5.0 candidate 3
PHP PHP 5.0 candidate 2
PHP PHP 5.0 candidate 1
PHP PHP 5.0 .0
PHP PHP 5.2
+ Debian Linux 4.0 sparc
+ Debian Linux 4.0 s/390
+ Debian Linux 4.0 powerpc
+ Debian Linux 4.0 mipsel
+ Debian Linux 4.0 mips
+ Debian Linux 4.0 m68k
+ Debian Linux 4.0 ia-64
+ Debian Linux 4.0 ia-32
+ Debian Linux 4.0 hppa
+ Debian Linux 4.0 arm
+ Debian Linux 4.0 amd64
+ Debian Linux 4.0 alpha
+ Debian Linux 4.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus