CVE-2011-3182
Published: 25 August 2011
PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function.
Priority
Status
Package | Release | Status |
---|---|---|
php5 Launchpad, Ubuntu, Debian |
upstream |
Released
(5.3.7-1)
|
hardy |
Released
(5.2.4-2ubuntu5.18)
|
|
lucid |
Released
(5.3.2-1ubuntu4.10)
|
|
maverick |
Released
(5.3.3-1ubuntu9.6)
|
|
natty |
Released
(5.3.5-1ubuntu7.3)
|
|
oneiric |
Released
(5.3.6-13ubuntu3.2)
|
|
Patches: upstream: http://svn.php.net/viewvc?view=revision&revision=313782 upstream: http://svn.php.net/viewvc?view=revision&revision=313826 upstream: http://svn.php.net/viewvc?view=revision&revision=313827 upstream: http://svn.php.net/viewvc?view=revision&revision=313828 upstream: http://svn.php.net/viewvc?view=revision&revision=313830 upstream: http://svn.php.net/viewvc?view=revision&revision=313831 upstream: http://svn.php.net/viewvc?view=revision&revision=313832 upstream: http://svn.php.net/viewvc?view=revision&revision=313833 upstream: http://svn.php.net/viewvc?view=revision&revision=313835 upstream: http://svn.php.net/viewvc?view=revision&revision=313903 |