Bug 201767 - CVE-2006-4020 PHP buffer overflow flaw
Summary: CVE-2006-4020 PHP buffer overflow flaw
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: php
Version: 5
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Joe Orton
QA Contact: David Lawrence
URL:
Whiteboard: impact=moderate,source=gentoo,reporte...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-08-08 19:28 UTC by Josh Bressers
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-10-24 11:54:18 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Josh Bressers 2006-08-08 19:28:48 UTC
PHP buffer overflow flaw

A buffer overflow flaw was found in the way PHP executes an argument
swap via the sscanf function.  The below URLs contain more
information.

http://bugs.php.net/bug.php?id=38322
http://www.securityfocus.com/archive/1/442438/30/0/threaded
http://bugs.gentoo.org/show_bug.cgi?id=143126

Comment 1 Josh Bressers 2006-08-09 12:35:51 UTC
The upstream patch is here:
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/scanf.c?r1=1.31.2.2&r2=1.31.2.2.2.1

Comment 2 Joe Orton 2006-10-24 11:54:18 UTC
Fixed in FEDORA-2006-1024:

http://www.redhat.com/archives/fedora-package-announce/2006-October/msg00028.html


Note You need to log in before you can comment on or make changes to this bug.