Bug 207090 - CVE-2006-4020 PHP security issues (CVE-2006-4482 CVE-2006-4484 CVE-2006-4485 CVE-2006-4486)
Summary: CVE-2006-4020 PHP security issues (CVE-2006-4482 CVE-2006-4484 CVE-2006-4485 ...
Alias: None
Product: Red Hat Web Application Stack
Classification: Retired
Component: php
Version: v1
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Joe Orton
QA Contact: Gurhan Ozen
Whiteboard: impact=moderate
Depends On:
Blocks: CVE-2006-4484
TreeView+ depends on / blocked
Reported: 2006-09-19 10:02 UTC by Joe Orton
Modified: 2013-11-04 01:30 UTC (History)
1 user (show)

Fixed In Version: RHSA-2006-0688
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2006-10-05 11:30:36 UTC

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2006:0688 normal SHIPPED_LIVE Important: php security update 2006-10-05 04:00:00 UTC

Description Joe Orton 2006-09-19 10:02:29 UTC
Description of problem:
The following issues affect the PHP package:

CVE-2006-4486 PHP integer overflows in Zend
CVE-2006-4485 PHP buffer overread in str_ipos
CVE-2006-4482 PHP heap overflow in wordwrap/str_repeat
CVE-2006-4020 PHP sscanf buffer overflow
CVE-2006-4484 PHP heap overflow in LWZReadByte

Version-Release number of selected component (if applicable):

Comment 3 Red Hat Bugzilla 2006-10-05 11:30:36 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.