Date: Sun, 20 May 2012 15:09:06 -0300 From: Felipe Pena <felipensp@...il.com> To: oss-security@...ts.openwall.com Subject: CVE request: PHP Phar - arbitrary code execution Hi, Can anyone assing a CVE id for the following PHP's phar extension integer overflow vulnerability? (Secunia SA44335) Private report: https://bugs.php.net/bug.php?id=61065 Discovered by: Alexander Gavrun Original Advisory: http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html -- Regards, Felipe Pena
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ