Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 18 Mar 2015 20:19:26 +1300
From: Emmanuel Law <>
Subject: CVE Request: ZIP Integer Overflow leads to writing past heap boundary


found an integer overflow in PHP. When processing a malform zip file with
many entires, it leads to a heap overflow.

Affected Version <= PHP 5.6.6
Bug Report:

Could you please assign a CVE-ID for it?



Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ