Description of problem: http://www.php.net/releases/5_2_4.php Fixed zend_alter_ini_entry() memory_limit interruption vulnerability. (Reported by Stefan Esser)
http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_ini.c?r1=1.39.2.2.2.9&r2=1.39.2.2.2.10&diff_format=u This issue does not affect PHP 4, or PHP 5.1.
This issue has been addressed in following products: Red Hat Application Stack v2 Via RHSA-2007:0917 available at https://rhn.redhat.com/errata/RHSA-2007-0917.html