Red Hat Bugzilla – Bug 964969
CVE-2013-2110 php: Heap-based buffer overflow in quoted_printable_encode()
Last modified: 2016-03-04 07:13:12 EST
A heap-based buffer overflow flaw was found in the php quoted_printable_encode() function. A remote attacker could use this flaw to cause php to crash or execute arbitrary code with the permission of the user running php.
This flaw seems to be introduced by the following commit:
which fixes the bug described in https://bugs.php.net/bug.php?id=62462
This code is not present in the versions of php or php53 shipped with Red Hat Enterprise Linux 5 and 6.
Not Vulnerable. This issue does not affect the version of php as shipped with Red Hat Enterprise Linux 5 and 6. This issue does not affect the version of php53 as shipped with Red Hat Enterprise Linux 5.
This issue was addressed in Fedora via the following updates:
Upstream bug: https://bugs.php.net/bug.php?id=64879 (private)