Tuesday, May 6, 2008

PHP 5.2.6 Released

Newly found Vulnerabilities 05/06/08:

PHP has released version 5.2.6 to address multiple vulnerabilities. These vulnerabilities include:
an error in FastCGI SAPI which may result stack-based buffer overflow
an integer overflow in printf()
an error in init_request_info(), which may result in a buffer overflow
an error in cURL, which may result in safe_mode bypass improper handling of input passed to escapeshellcmd() a boundary error in the bundled version of the PCRE library
These vulnerabilities may allow an attacker to execute arbitrary code, bypass security restrictions, or cause a denial-of-service condition.We encourage users to review the PHP 5.2.6 Release Announcement and update to version 5.2.6.

http://serchez.net
Posted by SerChez at 9:52 PM
Labels: , , , , , , , , , , , , , , , , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)