Oval Definition:oval:com.redhat.rhsa:def:20070076
Revision Date:2008-03-20Version:636
Title:RHSA-2007:0076: php security update (Important)
Description:PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server.

  • A number of buffer overflow flaws were found in the PHP session extension, the str_replace() function, and the imap_mail_compose() function. If very long strings under the control of an attacker are passed to the str_replace() function then an integer overflow could occur in memory allocation. If a script uses the imap_mail_compose() function to create a new MIME message based on an input body from an untrusted source, it could result in a heap overflow. An attacker who is able to access a PHP application affected by any these issues could trigger these flaws and possibly execute arbitrary code as the 'apache' user. (CVE-2007-0906)

  • If unserializing untrusted data on 64-bit platforms, the zend_hash_init() function can be forced to enter an infinite loop, consuming CPU resources for a limited length of time, until the script timeout alarm aborts execution of the script. (CVE-2007-0988)

  • If the wddx extension is used to import WDDX data from an untrusted source, certain WDDX input packets may allow a random portion of heap memory to be exposed. (CVE-2007-0908)

  • If the odbc_result_all() function is used to display data from a database, and the contents of the database table are under the control of an attacker, a format string vulnerability is possible which could lead to the execution of arbitrary code. (CVE-2007-0909)

  • A one byte memory read will always occur before the beginning of a buffer, which could be triggered for example by any use of the header() function in a script. However it is unlikely that this would have any effect. (CVE-2007-0907)

  • Several flaws in PHP could allows attackers to "clobber" certain super-global variables via unspecified vectors. (CVE-2007-0910)

    Users of PHP should upgrade to these updated packages which contain backported patches to correct these issues.

    Red Hat would like to thank Stefan Esser for his help diagnosing these issues.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2007-0906
    CVE-2007-0907
    CVE-2007-0908
    CVE-2007-0909
    CVE-2007-0910
    CVE-2007-0988
    CVE-2007-1380
    CVE-2007-1701
    CVE-2007-1825
    RHSA-2007:0076
    RHSA-2007:0076-01
    RHSA-2007:0076-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • php-odbc is earlier than 0:4.3.2-39.ent
  • AND php-odbc is signed with Red Hat master key
  • php-ldap is earlier than 0:4.3.2-39.ent
  • AND php-ldap is signed with Red Hat master key
  • php-imap is earlier than 0:4.3.2-39.ent
  • AND php-imap is signed with Red Hat master key
  • php-devel is earlier than 0:4.3.2-39.ent
  • AND php-devel is signed with Red Hat master key
  • php-mysql is earlier than 0:4.3.2-39.ent
  • AND php-mysql is signed with Red Hat master key
  • php-pgsql is earlier than 0:4.3.2-39.ent
  • AND php-pgsql is signed with Red Hat master key
  • php is earlier than 0:4.3.2-39.ent
  • AND php is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • php-ncurses is earlier than 0:4.3.9-3.22.3
  • AND php-ncurses is signed with Red Hat master key
  • php-mbstring is earlier than 0:4.3.9-3.22.3
  • AND php-mbstring is signed with Red Hat master key
  • php-pear is earlier than 0:4.3.9-3.22.3
  • AND php-pear is signed with Red Hat master key
  • php-pgsql is earlier than 0:4.3.9-3.22.3
  • AND php-pgsql is signed with Red Hat master key
  • php-ldap is earlier than 0:4.3.9-3.22.3
  • AND php-ldap is signed with Red Hat master key
  • php-devel is earlier than 0:4.3.9-3.22.3
  • AND php-devel is signed with Red Hat master key
  • php-gd is earlier than 0:4.3.9-3.22.3
  • AND php-gd is signed with Red Hat master key
  • php-snmp is earlier than 0:4.3.9-3.22.3
  • AND php-snmp is signed with Red Hat master key
  • php-imap is earlier than 0:4.3.9-3.22.3
  • AND php-imap is signed with Red Hat master key
  • php-mysql is earlier than 0:4.3.9-3.22.3
  • AND php-mysql is signed with Red Hat master key
  • php-domxml is earlier than 0:4.3.9-3.22.3
  • AND php-domxml is signed with Red Hat master key
  • php is earlier than 0:4.3.9-3.22.3
  • AND php is signed with Red Hat master key
  • php-xmlrpc is earlier than 0:4.3.9-3.22.3
  • AND php-xmlrpc is signed with Red Hat master key
  • php-odbc is earlier than 0:4.3.9-3.22.3
  • AND php-odbc is signed with Red Hat master key
  • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • php is earlier than 0:4.3.2-39.ent
  • AND php is signed with Red Hat master key
  • php-devel is earlier than 0:4.3.2-39.ent
  • AND php-devel is signed with Red Hat master key
  • php-imap is earlier than 0:4.3.2-39.ent
  • AND php-imap is signed with Red Hat master key
  • php-ldap is earlier than 0:4.3.2-39.ent
  • AND php-ldap is signed with Red Hat master key
  • php-mysql is earlier than 0:4.3.2-39.ent
  • AND php-mysql is signed with Red Hat master key
  • php-odbc is earlier than 0:4.3.2-39.ent
  • AND php-odbc is signed with Red Hat master key
  • php-pgsql is earlier than 0:4.3.2-39.ent
  • AND php-pgsql is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • php is earlier than 0:4.3.9-3.22.3
  • AND php is signed with Red Hat master key
  • php-devel is earlier than 0:4.3.9-3.22.3
  • AND php-devel is signed with Red Hat master key
  • php-domxml is earlier than 0:4.3.9-3.22.3
  • AND php-domxml is signed with Red Hat master key
  • php-gd is earlier than 0:4.3.9-3.22.3
  • AND php-gd is signed with Red Hat master key
  • php-imap is earlier than 0:4.3.9-3.22.3
  • AND php-imap is signed with Red Hat master key
  • php-ldap is earlier than 0:4.3.9-3.22.3
  • AND php-ldap is signed with Red Hat master key
  • php-mbstring is earlier than 0:4.3.9-3.22.3
  • AND php-mbstring is signed with Red Hat master key
  • php-mysql is earlier than 0:4.3.9-3.22.3
  • AND php-mysql is signed with Red Hat master key
  • php-ncurses is earlier than 0:4.3.9-3.22.3
  • AND php-ncurses is signed with Red Hat master key
  • php-odbc is earlier than 0:4.3.9-3.22.3
  • AND php-odbc is signed with Red Hat master key
  • php-pear is earlier than 0:4.3.9-3.22.3
  • AND php-pear is signed with Red Hat master key
  • php-pgsql is earlier than 0:4.3.9-3.22.3
  • AND php-pgsql is signed with Red Hat master key
  • php-snmp is earlier than 0:4.3.9-3.22.3
  • AND php-snmp is signed with Red Hat master key
  • php-xmlrpc is earlier than 0:4.3.9-3.22.3
  • AND php-xmlrpc is signed with Red Hat master key
  • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • php is earlier than 0:4.3.9-3.22.3
  • AND php is signed with Red Hat redhatrelease2 key
  • php-devel is earlier than 0:4.3.9-3.22.3
  • AND php-devel is signed with Red Hat redhatrelease2 key
  • php-domxml is earlier than 0:4.3.9-3.22.3
  • AND php-domxml is signed with Red Hat redhatrelease2 key
  • php-gd is earlier than 0:4.3.9-3.22.3
  • AND php-gd is signed with Red Hat redhatrelease2 key
  • php-imap is earlier than 0:4.3.9-3.22.3
  • AND php-imap is signed with Red Hat redhatrelease2 key
  • php-ldap is earlier than 0:4.3.9-3.22.3
  • AND php-ldap is signed with Red Hat redhatrelease2 key
  • php-mbstring is earlier than 0:4.3.9-3.22.3
  • AND php-mbstring is signed with Red Hat redhatrelease2 key
  • php-mysql is earlier than 0:4.3.9-3.22.3
  • AND php-mysql is signed with Red Hat redhatrelease2 key
  • php-ncurses is earlier than 0:4.3.9-3.22.3
  • AND php-ncurses is signed with Red Hat redhatrelease2 key
  • php-odbc is earlier than 0:4.3.9-3.22.3
  • AND php-odbc is signed with Red Hat redhatrelease2 key
  • php-pear is earlier than 0:4.3.9-3.22.3
  • AND php-pear is signed with Red Hat redhatrelease2 key
  • php-pgsql is earlier than 0:4.3.9-3.22.3
  • AND php-pgsql is signed with Red Hat redhatrelease2 key
  • php-snmp is earlier than 0:4.3.9-3.22.3
  • AND php-snmp is signed with Red Hat redhatrelease2 key
  • php-xmlrpc is earlier than 0:4.3.9-3.22.3
  • AND php-xmlrpc is signed with Red Hat redhatrelease2 key
  • BACK