Date April 18th, 2007
Advisory ID MDKSA-2007:090
Affected versions 2007.1
Synopsis Updated php packages fix multiple vulnerabilities
Problem Description
A heap-based buffer overflow vulnerability was found in PHP's gd
extension. A script that could be forced to process WBMP images
from an untrusted source could result in arbitrary code execution
(CVE-2007-1001).
A DoS flaw was found in how PHP processed a deeply nested array.
A remote attacker could cause the PHP intrerpreter to creash
by submitting an input variable with a deeply nested array
(CVE-2007-1285).
The internal filter module in PHP in certain instances did not properly
strip HTML tags, which allowed a remote attacker conduct cross-site
scripting (XSS) attacks (CVE-2007-1454).
A vulnerability in the way the mbstring extension set global variables
was discovered where a script using the mb_parse_str() function to
set global variables could be forced to to enable the register_globals
configuration option, possibly resulting in global variable injection
(CVE-2007-1583).
A vulnerability in how PHP's mail() function processed header data was
discovered. If a script sent mail using a subject header containing
a string from an untrusted source, a remote attacker could send bulk
email to unintended recipients (CVE-2007-1718).
Updated packages have been patched to correct these issues. Also note
that the default use of Suhosin helped to protect against some of
these issues prior to patching.Tilastot: Lähetetty Kirjoittaja ursula — 20 Huhti 2007, 11:28
]]>