Like the other PHP bugs, this on is mentioned in 230556, but not explicitly closed and documented in any errata that I can find. ------------------------------------------------------------------- Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer. * MISC:http://www.php-security.org/MOPB/MOPB-19-2007.html * MISC:http://www.php.net/releases/5_2_1.php * DEBIAN:DSA-1283 * URL:http://www.debian.org/security/2007/dsa-1283 * BID:22922 * URL:http://www.securityfocus.com/bid/22922 * SECUNIA:25062 * URL:http://secunia.com/advisories/25062
*** This bug has been marked as a duplicate of 240163 ***