Related information
Multiple PHP vulnerabilities
PHP5 Globals Vulnerability: with ?GLOBALS[foobar] you can set the value of the un-initialized $foobar variable.
[SA17763] PHP "mb_send_mail( )" "To:" Header Injection Vulnerability
[Full-disclosure] Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability
[Full-disclosure] Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str()

From: Juha-Matti Laurio <juha-matti.laurio_(at)_netti.fi>
Date: 26.11.2005
Subject: PHP Version 5.1.0 Update Fixes Several Vulnerabilities

Details available at http://www.php.net/ChangeLog-5.php#5.1.0 from 24th Nov, 2005.

Some security-related issues from vendor's change log:

Fixed crash inside stream_get_line() when length parameter equals 0.
Fixed potential GLOBALS overwrite via import_request_variables() and possible crash and/or memory corruption.
shtool: insecure temporary file creation (Jani)
http://bugs.php.net/33150
crash on PDO::FETCH_CLASS + __set()
http://bugs.php.net/35336
PDO prepare() crashes with invalid parameters
http://bugs.php.net/35303
http://bugs.php.net/35278
Multiple virtual() calls crash Apache 2 php module
http://bugs.php.net/35229
call_user_func() crashes when argument_stack is nearly full
http://bugs.php.net/35135
PDOStatment without related PDO object may crash
http://bugs.php.net/35009
ZTS: Persistent resource destruct crashes when extension is compiled as shared
http://bugs.php.net/34045
Buffer overflow with serialized object etc.

Regards,
Juha-Matti Laurio