Computer Security

PHP zip:// URL buffer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



PHP zip:// URL buffer overflow
Published:10.03.2007
Source:PHP-SECURITY
SecurityVulns ID:7375
Type:library
Level:5/10
Description:Stack buffer overflow (stack overrun) on oversized URL.
Affected:PHP : PHP 5.2
 PECLZIP : PECL ZIP 1.8
CVE:CVE-2007-1460 (The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories.)
 CVE-2007-1399 (Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback.)
Original documentdocumentPHP-SECURITY, MOPB-16-2007:PHP zip:// URL Wrapper Buffer Overflow Vulnerability (10.03.2007)
Files:Exploits PHP zip:// URL Wrapper Stack Buffer Overflow
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server