Bug 1367462 (CVE-2015-8980) - CVE-2015-8980 php-php-gettext: Arbitrary code execution in select_string, ngettext and npgettext count parameter
Status: NEW
Alias: CVE-2015-8980
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=important,public=20151111,repo...
Keywords: Security
Depends On: 1367463 1367464 1367465
Blocks:
Reported: 2016-08-16 13:08 UTC by Andrej Nemec
Modified: 2018-10-30 18:40 UTC (History)

Description Andrej Nemec 2016-08-16 13:08:25 UTC
A code injection vulnerability was found in php-gettext. Evaluating the plural form formula in the ngettext family of calls can execute arbitrary code if the number is passed unsanitized from an untrusted user.

References:

http://seclists.org/fulldisclosure/2016/Aug/76

Comment 1 Andrej Nemec 2016-08-16 13:09:00 UTC
Created php53-php-gettext tracking bugs for this issue:

Affects: epel-5 [bug 1367465]

Comment 2 Andrej Nemec 2016-08-16 13:09:05 UTC
Created php-php-gettext tracking bugs for this issue:

Affects: fedora-all [bug 1367463]
Affects: epel-all [bug 1367464]

Comment 3 Andrej Nemec 2017-01-18 08:55:53 UTC
CVE assignment:

http://seclists.org/oss-sec/2017/q1/128

Comment 4 Mac 2018-10-27 10:27:16 UTC
CVE assignment

summary :

php-php-gettext-arbitrary code execution, conducting code execution - CVE-2018-8986 php-php-gettext:

Comment 5 Yogendra Jog 2018-10-30 08:46:35 UTC
Hi, 

Can you please clarify what's needed here?

Regards
YOG.

Comment 6 Robert Scheck 2018-10-30 18:40:33 UTC
I would assume this RHBZ could be closed?
