Red Hat Bugzilla – Bug 206635
CVE-2006-3018 unknown PHP issue
Last modified: 2007-11-30 17:07:27 EST
Description of problem:
CVE-2006-3018 has been assigned to an issue in PHP where the cause and
fix are unknown, and the impact cannot be verified.
The source of the CVE assignment was a single line statement in the PHP
5.1.3 release announcement, http://www.php.net/release_5_1_3.php,
"Fixed a heap corruption inside the session extension."
Of the changes made to the session extension between releases 5.1.2 and
5.1.3, none would fix a bug matching this description by our analysis.