Oval Definition:oval:org.opensuse.security:def:20085557
Revision Date:2022-05-20Version:1
Title:CVE-2008-5557
Description:

Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-5557
Mitre CVE-2008-5557
SUSE CVE-2008-5557
SUSE-SR:2009:004
SUSE-SR:2009:004
SUSE-SR:2009:008
SUSE-SR:2009:008
Platform(s):Open Enterprise Server
openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP2
Product(s):
Definition Synopsis
  • sles10-sp2-sdk is installed
  • AND Package Information
  • apache2-mod_php5 less than 5.2.5-9.12
  • OR php5-bcmath less than 5.2.5-9.12
  • OR php5-bz2 less than 5.2.5-9.12
  • OR php5-calendar less than 5.2.5-9.12
  • OR php5-ctype less than 5.2.5-9.12
  • OR php5-curl less than 5.2.5-9.12
  • OR php5-dba less than 5.2.5-9.12
  • OR php5-dbase less than 5.2.5-9.12
  • OR php5-devel less than 5.2.5-9.12
  • OR php5-dom less than 5.2.5-9.12
  • OR php5-exif less than 5.2.5-9.12
  • OR php5-fastcgi less than 5.2.5-9.12
  • OR php5-ftp less than 5.2.5-9.12
  • OR php5-gd less than 5.2.5-9.12
  • OR php5-gettext less than 5.2.5-9.12
  • OR php5-gmp less than 5.2.5-9.12
  • OR php5-iconv less than 5.2.5-9.12
  • OR php5-imap less than 5.2.5-9.12
  • OR php5-ldap less than 5.2.5-9.12
  • OR php5-mbstring less than 5.2.5-9.12
  • OR php5-mcrypt less than 5.2.5-9.12
  • OR php5-mhash less than 5.2.5-9.12
  • OR php5-mysql less than 5.2.5-9.12
  • OR php5-ncurses less than 5.2.5-9.12
  • OR php5-odbc less than 5.2.5-9.12
  • OR php5-openssl less than 5.2.5-9.12
  • OR php5-pcntl less than 5.2.5-9.12
  • OR php5-pdo less than 5.2.5-9.12
  • OR php5-pear less than 5.2.5-9.12
  • OR php5-pgsql less than 5.2.5-9.12
  • OR php5-posix less than 5.2.5-9.12
  • OR php5-pspell less than 5.2.5-9.12
  • OR php5-shmop less than 5.2.5-9.12
  • OR php5-snmp less than 5.2.5-9.12
  • OR php5-soap less than 5.2.5-9.12
  • OR php5-sockets less than 5.2.5-9.12
  • OR php5-sqlite less than 5.2.5-9.12
  • OR php5-suhosin less than 5.2.5-9.12
  • OR php5-sysvmsg less than 5.2.5-9.12
  • OR php5-sysvsem less than 5.2.5-9.12
  • OR php5-sysvshm less than 5.2.5-9.12
  • OR php5-tidy less than 5.2.5-9.12
  • OR php5-tokenizer less than 5.2.5-9.12
  • OR php5-wddx less than 5.2.5-9.12
  • OR php5-xmlreader less than 5.2.5-9.12
  • OR php5-xmlrpc less than 5.2.5-9.12
  • OR php5-xsl less than 5.2.5-9.12
  • OR php5-zlib less than 5.2.5-9.12
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • apache2-mod_php5-5.2.14-0.7.24.1 is installed
  • OR php5-5.2.14-0.7.24.1 is installed
  • OR php5-bcmath-5.2.14-0.7.24.1 is installed
  • OR php5-bz2-5.2.14-0.7.24.1 is installed
  • OR php5-calendar-5.2.14-0.7.24.1 is installed
  • OR php5-ctype-5.2.14-0.7.24.1 is installed
  • OR php5-curl-5.2.14-0.7.24.1 is installed
  • OR php5-dba-5.2.14-0.7.24.1 is installed
  • OR php5-dbase-5.2.14-0.7.24.1 is installed
  • OR php5-dom-5.2.14-0.7.24.1 is installed
  • OR php5-exif-5.2.14-0.7.24.1 is installed
  • OR php5-fastcgi-5.2.14-0.7.24.1 is installed
  • OR php5-ftp-5.2.14-0.7.24.1 is installed
  • OR php5-gd-5.2.14-0.7.24.1 is installed
  • OR php5-gettext-5.2.14-0.7.24.1 is installed
  • OR php5-gmp-5.2.14-0.7.24.1 is installed
  • OR php5-hash-5.2.14-0.7.24.1 is installed
  • OR php5-iconv-5.2.14-0.7.24.1 is installed
  • OR php5-json-5.2.14-0.7.24.1 is installed
  • OR php5-ldap-5.2.14-0.7.24.1 is installed
  • OR php5-mbstring-5.2.14-0.7.24.1 is installed
  • OR php5-mcrypt-5.2.14-0.7.24.1 is installed
  • OR php5-mysql-5.2.14-0.7.24.1 is installed
  • OR php5-odbc-5.2.14-0.7.24.1 is installed
  • OR php5-openssl-5.2.14-0.7.24.1 is installed
  • OR php5-pcntl-5.2.14-0.7.24.1 is installed
  • OR php5-pdo-5.2.14-0.7.24.1 is installed
  • OR php5-pear-5.2.14-0.7.24.1 is installed
  • OR php5-pgsql-5.2.14-0.7.24.1 is installed
  • OR php5-pspell-5.2.14-0.7.24.1 is installed
  • OR php5-shmop-5.2.14-0.7.24.1 is installed
  • OR php5-snmp-5.2.14-0.7.24.1 is installed
  • OR php5-soap-5.2.14-0.7.24.1 is installed
  • OR php5-suhosin-5.2.14-0.7.24.1 is installed
  • OR php5-sysvmsg-5.2.14-0.7.24.1 is installed
  • OR php5-sysvsem-5.2.14-0.7.24.1 is installed
  • OR php5-sysvshm-5.2.14-0.7.24.1 is installed
  • OR php5-tokenizer-5.2.14-0.7.24.1 is installed
  • OR php5-wddx-5.2.14-0.7.24.1 is installed
  • OR php5-xmlreader-5.2.14-0.7.24.1 is installed
  • OR php5-xmlrpc-5.2.14-0.7.24.1 is installed
  • OR php5-xmlwriter-5.2.14-0.7.24.1 is installed
  • OR php5-xsl-5.2.14-0.7.24.1 is installed
  • OR php5-zip-5.2.14-0.7.24.1 is installed
  • OR php5-zlib-5.2.14-0.7.24.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND php5 is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND
  • apache2-mod_php5-5.2.14-0.7.24.1 is installed
  • OR php5-5.2.14-0.7.24.1 is installed
  • OR php5-bcmath-5.2.14-0.7.24.1 is installed
  • OR php5-bz2-5.2.14-0.7.24.1 is installed
  • OR php5-calendar-5.2.14-0.7.24.1 is installed
  • OR php5-ctype-5.2.14-0.7.24.1 is installed
  • OR php5-curl-5.2.14-0.7.24.1 is installed
  • OR php5-dba-5.2.14-0.7.24.1 is installed
  • OR php5-dbase-5.2.14-0.7.24.1 is installed
  • OR php5-dom-5.2.14-0.7.24.1 is installed
  • OR php5-exif-5.2.14-0.7.24.1 is installed
  • OR php5-fastcgi-5.2.14-0.7.24.1 is installed
  • OR php5-ftp-5.2.14-0.7.24.1 is installed
  • OR php5-gd-5.2.14-0.7.24.1 is installed
  • OR php5-gettext-5.2.14-0.7.24.1 is installed
  • OR php5-gmp-5.2.14-0.7.24.1 is installed
  • OR php5-hash-5.2.14-0.7.24.1 is installed
  • OR php5-iconv-5.2.14-0.7.24.1 is installed
  • OR php5-json-5.2.14-0.7.24.1 is installed
  • OR php5-ldap-5.2.14-0.7.24.1 is installed
  • OR php5-mbstring-5.2.14-0.7.24.1 is installed
  • OR php5-mcrypt-5.2.14-0.7.24.1 is installed
  • OR php5-mysql-5.2.14-0.7.24.1 is installed
  • OR php5-odbc-5.2.14-0.7.24.1 is installed
  • OR php5-openssl-5.2.14-0.7.24.1 is installed
  • OR php5-pcntl-5.2.14-0.7.24.1 is installed
  • OR php5-pdo-5.2.14-0.7.24.1 is installed
  • OR php5-pear-5.2.14-0.7.24.1 is installed
  • OR php5-pgsql-5.2.14-0.7.24.1 is installed
  • OR php5-pspell-5.2.14-0.7.24.1 is installed
  • OR php5-shmop-5.2.14-0.7.24.1 is installed
  • OR php5-snmp-5.2.14-0.7.24.1 is installed
  • OR php5-soap-5.2.14-0.7.24.1 is installed
  • OR php5-suhosin-5.2.14-0.7.24.1 is installed
  • OR php5-sysvmsg-5.2.14-0.7.24.1 is installed
  • OR php5-sysvsem-5.2.14-0.7.24.1 is installed
  • OR php5-sysvshm-5.2.14-0.7.24.1 is installed
  • OR php5-tokenizer-5.2.14-0.7.24.1 is installed
  • OR php5-wddx-5.2.14-0.7.24.1 is installed
  • OR php5-xmlreader-5.2.14-0.7.24.1 is installed
  • OR php5-xmlrpc-5.2.14-0.7.24.1 is installed
  • OR php5-xmlwriter-5.2.14-0.7.24.1 is installed
  • OR php5-xsl-5.2.14-0.7.24.1 is installed
  • OR php5-zip-5.2.14-0.7.24.1 is installed
  • OR php5-zlib-5.2.14-0.7.24.1 is installed
    • BACK