PHP 'shmop_read()' Remote Integer Overflow Vulnerability Network Vulnerability

Summary

PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values are not overrun. Successful exploits of this vulnerability allow remote attackers to execute arbitrary code in the context of a webserver affected by the issue. Failed attempts will likely result in denial-of-service conditions. Versions prior to PHP 5.3.6 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://comments.gmane.org/gmane.comp.security.oss.general/4436
http://svn.php.net/viewvc/?view=revision&revision=309018
http://www.php.net/
https://www.securityfocus.com/bid/46786

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1092

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Flash Player 9.0.115.0 and earlier vulnerability (Lin)
Adobe Air Multiple Vulnerabilities - October 12 (Windows)
Adobe Acrobat Remote Code Execution Vulnerability(Win)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Windows)

Take action and discover your vulnerabilities