paul Posted April 19, 2007 Report Share Posted April 19, 2007 A heap-based buffer overflow vulnerability was found in PHP's gd extension. A script that could be forced to process WBMP images from an untrusted source could result in arbitrary code execution (CVE-2007-1001). A DoS flaw was found in how PHP processed a deeply nested array. A remote attacker could cause the PHP intrerpreter to creash by submitting an input variable with a deeply nested array (CVE-2007-1285). A vulnerability was discovered in the way PHP's unserialize() function processed data. A remote attacker able to pass arbitrary data to PHP's unserialize() function could possibly execute arbitrary code as the apache user (CVE-2007-1286). A double-free flaw was found in the session_decode() function that could allow a remote attacker to potentially execute arbitrary code as the apache user if they are able to pass arbitrary data to PHP's session_decode() function (CVE-2007-1711). A vulnerability in how PHP's mail() function processed header data was discovered. If a script sent mail using a subject header containing a string from an untrusted source, a remote attacker could send bulk email to unintended recipients (CVE-2007-1718). Updated packages have been patched to correct these issues. Link to comment Share on other sites More sharing options...
Recommended Posts