Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 24 Sep 2011 07:56:34 -0600
From: Vincent Danen <vdanen@...hat.com>
To: oss-security@...ts.openwall.com
Cc: security@....net
Subject: CVE request: is_a() function may allow arbitrary code execution in
 PHP 5.3.7/5.3.8

Could a CVE be assigned for this flaw?  PHP 5.3.7 changed how the is_a()
function worked, and as a result it could allow for remote arbitrary
code execution if certain specific conditions are met (the blog post
referenced below has a good writeup of the flaw).

http://www.byte.nl/blog/2011/09/23/security-bug-in-is_a-function-in-php-5-3-7-5-3-8/
https://bugs.php.net/bug.php?id=55475
https://bugzilla.redhat.com/show_bug.cgi?id=741020

It looks like this is the fix:

http://svn.php.net/viewvc/?view=revision&amp;revision=317183

Thanks.

-- 
Vincent Danen / Red Hat Security Response Team 

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.