A Heap-based buffer overflow flaw was found in the php quoted_printable_encode() function. A remote attacker could use this flaw to cause php to crash or execute arbirary code with the permission of the user running php
This flaw seems to be introduced by the following commit:
which fixes the bug described in https://bugs.php.net/bug.php?id=62462
This code is not present in the version of php or php53, shipped with Red Hat Enterprise Linux 5 and 6.
Not Vulnerable. This issue does not affect the version of php as shipped with Red Hat Enterprise Linux 5 and 6. This issue does not affect the version of php53 as shipped with Red Hat Enterprise Linux 5.
This issue was addressed in Fedora via the following updates:
Upstream bug: https://bugs.php.net/bug.php?id=64879 (private)