Red Hat Bugzilla – Bug 285881
CVE-2007-4782 php crash in glob() and fnmatch() functions
Last modified: 2011-04-13 14:46:02 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4782 to the following vulnerability:
PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a "*e" value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.
We do not consider these to be security issues. For more details see
Issues were addressed in PHP 5.2.5, patches:
*** Bug 382451 has been marked as a duplicate of this bug. ***
Re-opening this bug. We will be addressing fnmatch() issue in the next PHP
update, as the argument passed to it may be untrusted user data. Documentation
for the functions suggests usage of fnmatch() as a light-weight alternative to
regular expression handling functions for implementing pattern search
functionality in the PHP applications.
php-5.2.6-2.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update php'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-3864
php-5.2.6-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
(In reply to comment #2)
> Issues were addressed in PHP 5.2.5, patches:
These links no longer work, as upstream moved CVS to using SVN. Relevant commit in the upstream SVN: