PHP Multiple Buffer Overflow Vulnerabilities Network Vulnerability

Summary

PHP is prone to multiple buffer-overflow vulnerabilities. Successful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable PHP functions. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition. Versions prior to PHP 4.4.9 and PHP 5.2.8 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://support.avaya.com/elmodocs2/security/ASA-2009-161.htm
http://www.php.net/
http://www.php.net/ChangeLog-5.php#5.2.8
http://www.php.net/archive/2008.php#id2008-08-07-1
http://www.securityfocus.com/bid/30649

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3658, CVE-2008-3659

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AjaxPortal 'di.php' File Inclusion Vulnerability
Adobe ColdFusion Authentication Bypass Vulnerability
AproxEngine Multiple Remote Input Validation Vulnerabilities
ArticleFR CMS 'id' Parameter SQL Injection Vulnerability
Adobe ColdFusion Components (CFC) Denial Of Service Vulnerability

Take action and discover your vulnerabilities