PHP multiple security vulnerabilities updated since 28.09.2009
Published:		20.10.2009
Source:		BUGTRAQ
SecurityVulns ID:		10269
Type:		library
Level:		7/10
Description:		Certificates spoofing, memory corruptions on images parsing, information leakage.

Affected:		PHP : PHP 5.2
		PHP : PHP 5.3
CVE:		CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information.)
		CVE-2009-3293 (Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index.")
		CVE-2009-3292 (Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to "missing sanity checks around exif processing.")
		CVE-2009-3291 (The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.)

Original document		MANDRIVA, [ MDVSA-2009:284 ] gd (20.10.2009)
		david_(at)_majorsecurity.info, [MajorSecurity Advisory #59]PHP <=5.3 - mysqli_real_escape_string() full path disclosure (28.09.2009)
		david_(at)_majorsecurity.info, [MajorSecurity Advisory #57]PHP <=5.3 - preg_match() full path disclosure (28.09.2009)
		MANDRIVA, [ MDVSA-2009:248 ] php (28.09.2009)

Discuss:

Read or add your comments to this news (0 comments)