Red Hat Bugzilla – Bug 494530
CVE-2009-1271 php: crash on malformed input in json_decode()
Last modified: 2009-06-16 03:05:56 EDT
PHP 5.2.9 upstream release notes mention following security fix:
Fixed a segfault when malformed string is passed to json_decode(). (Scott)
JSON extension was only introduced in PHP 5.2.0, earlier versions of php (such as those shipped in Red Hat Enterprise Linux 2.1, 3, 4, and 5) are not affected by this problem.
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before
5.2.9 allows remote attackers to cause a denial of service
(segmentation fault) via a malformed string to the json_decode API
This issue has been addressed in following products:
Red Hat Web Application Stack for RHEL 5
Via RHSA-2009:0350 https://rhn.redhat.com/errata/RHSA-2009-0350.html
maniadrive-1.2-13.fc10, php-5.2.9-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
maniadrive-1.2-13.fc9, php-5.2.9-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.