PHP buffer overflow flaw A buffer overflow flaw was found in the way PHP executes an argument swap via the sscanf function. The below URLs contain more information. http://bugs.php.net/bug.php?id=38322 http://www.securityfocus.com/archive/1/442438/30/0/threaded http://bugs.gentoo.org/show_bug.cgi?id=143126 This issue also affects RHEL3 This issue also affects RHEL2.1
The upstream patch is here: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/scanf.c?r1=1.31.2.2&r2=1.31.2.2.2.1
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0669.html