Red Hat Bugzilla – Bug 204993
CVE-2006-4482 PHP heap overflow
Last modified: 2007-11-30 17:07:27 EST
(Description from MITRE)
Multiple heap-based buffer overflows in the (1) str_repeat and (2)
wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when
used on a 64-bit system, have unspecified impact and attack vectors, a
different vulnerability than CVE-2006-1990.
This is the result of using int = size_t * size_t where int is 32 bits
and size_t is 64 bits. The odds of exploiting this remotely are slim
as you would probably have to send 2 gigs of data to a broken app.
This issue likely also affects RHEL2 and RHEL3.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
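
The truncation described in the comment above (a 32-bit int receiving the product of two 64-bit size_t values), shown next to a checked form. This is an added example, not PHP's code and not part of the original report; the function names and the sample length of just over 2 GiB are assumptions chosen for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the flawed pattern (hypothetical name, not PHP source):
 * the size_t product is narrowed to a 32-bit int before it is used as a
 * length. The narrowing is implementation-defined; common compilers keep
 * the low 32 bits. */
static int truncated_len(size_t input_len, size_t mult)
{
    return (int)(uint32_t)(input_len * mult);
}

/* Hardened form (hypothetical name): refuse any product that overflows
 * size_t or does not fit in int. Returns 0 on success, -1 on rejection. */
static int checked_len(size_t input_len, size_t mult, int *out)
{
    if (mult != 0 && input_len > SIZE_MAX / mult)
        return -1;                      /* product would wrap size_t */
    size_t total = input_len * mult;
    if (total > (size_t)INT_MAX)
        return -1;                      /* product would not fit in int */
    *out = (int)total;
    return 0;
}

int main(void)
{
    /* Constructed sample: just over 2 GiB of input, repeated twice. */
    size_t input_len = (size_t)2147483649u;
    size_t mult = 2;
    int len = 0;

    printf("truncated length: %d\n", truncated_len(input_len, mult));
    if (checked_len(input_len, mult, &len) != 0)
        printf("checked length: rejected\n");
    else
        printf("checked length: %d\n", len);
    return 0;
}
```

A buffer sized from the truncated length is far smaller than the data later copied into it, which is the heap overflow condition; the checked form rejects the request before any allocation.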