Jump to content

Advisories MDVSA-2010:218: php


paul
 Share

Recommended Posts

Multiple vulnerabilities were discovered and corrected in php:

 

Stack consumption vulnerability in the filter_var function in PHP 5.2.x

through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL

mode is used, allows remote attackers to cause a denial of service

(memory consumption and application crash) via a long e-mail address

string (CVE-2010-3710).

 

A NULL pointer dereference was discovered in

ZipArchive::getArchiveComment (CVE-2010-3709).

 

A possible flaw was discovered in open_basedir (CVE-2010-3436).

 

Packages for 2009.0 are provided as of the Extended Maintenance

Program. Please visit this link to learn more:

http://store.mandriva.com/product_info.php?cPath=149&products_id=490

 

The updated packages have been patched to correct these issues.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...