PHP Prior to 5.2.2/4.4.7 Multiple Remote Buffer Overflow Vulnerabilities

PHP is prone to three remote buffer-overflow vulnerabilities because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers.

An attacker can exploit these issues to execute arbitrary machine code in the context of the affected webserver. Failed exploit attempts will likely crash the webserver, denying service to legitimate users.

All three issues affect PHP 5.2.1 and prior versions; PHP 4.4.6 and prior versions are affected only by one of the issues.

Few details are available at the moment. These issues may have been previously described in other BIDs. This record may be updated or retired if further analysis shows that these issues have been reported in the past.


Privacy Statement
Copyright 2010, SecurityFocus