Red Hat Bugzilla – Bug 240162
CVE-2007-1452 fdf extension input filtering
Last modified: 2007-05-15 11:49:44 EDT
Description of problem:
The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input
filtering hooks for ext/filter, which allows remote attackers to bypass web site
filters via an application/vnd.fdf formatted POST.
The 'fdf' extension is not included in php packages distributed by Red Hat.
*** Bug 239316 has been marked as a duplicate of this bug. ***