Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 239011 - (CVE-2007-2511) CVE-2007-2511 php user_filter_factory_create overflow
CVE-2007-2511 php user_filter_factory_create overflow
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
public=20070503,reported=20070503,sou...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-05-04 09:26 EDT by Mark J. Cox
Modified: 2007-05-17 10:53 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-17 10:53:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Mark J. Cox 2007-05-04 09:26:34 EDT 
The PHP release on 20070504 stated "- Fixed a buffer overflow inside
user_filter_factory_create(). (CVE-NO-NAME, by Ilia Alshanetsky)"
Comment 1 Joe Orton 2007-05-17 10:53:34 EDT 
The PHP interpreter does not offer a reliable "sandboxed" security layer (as
found in, say, a JVM) in which untrusted scripts can be run; any script run by
the PHP interpreter must be trusted with the privileges of the interpreter itself.

This bug described in CVE-2007-2511 can only be triggered by a script author;
since no trust boundary is crossed, this issue is not treated as security-sensitive.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.