Red Hat Bugzilla – Bug 187231
CVE-2006-1490 PHP memory disclosure issue
Last modified: 2007-11-30 17:11:28 EST
PHP memory disclosure issue
A memory disclosure issue was found and fixed in PHP's
unescape_html_entities function. This issue allows a malformed HTML
string to leak back arbitrary memory from the PHP process.
There is more information in the full-disclosure thread:
The reporter on full-disclosure attempts to make this issue sound
considerably worse than it is.
The patch is here:
This issue also affects FC4
Fixed in FEDORA-2006-289.