PHP 5 PHP_Stream_Filter_Create() Function Buffer Overflow Vulnerability

PHP is prone to a buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers.

An attacker can exploit this issue remotely by supplying a 'php://filter' URL to one of the file functions.

The attacker can exploit this issue to execute arbitrary machine code in the context of the affected webserver. Failed exploit attempts will likely crash the webserver, denying service to legitimate users.

Successful exploits for this issue will depend on the application's heap-memory implementation. PHP version 5.2.0 introduced a new memory manager that makes all little-endian platforms exploitable.

This issue affects PHP versions prior to 5.2.1.


Privacy Statement
Copyright 2010, SecurityFocus