Month of PHP Bugs – Day one
As promised, I will keep a close eye on Stefan Esser Month of PHP Bugs project during march 2007. Here are the vulnerabilities exposed on March 1st 2007 :
- PHP Variable Destructor Deep Recursion Stack Overflow The destruction of deeply nested PHP arrays will exhaust all available stack which leads to remotely triggerable crashes.
- PHP Executor Deep Recursion Stack Overflow A deep recursion of PHP userland code will exhaust all available stack which leads to a sometimes remotely triggerable crash
- PHP 4 Userland ZVAL Reference Counter Overflow Vulnerability In PHP 4 userland code is able to overflow the internal 16bit zval reference counter by creating many references to a variable. This leads to an exploitable double dtor condition.
I guess we’ll wait to see what PHP bugs tomorrow brings .
Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback.
Print This Post
Post Info
This entry was posted on Thursday, March 1st, 2007 . Tagged with:You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: VOIP calls through firewalls and NATs »
Next Post: Exploit in WordPress 2.1.1 code – Update Now! »
Read More
Related Reading:
Latest Posts:
- SC Magazine 2010 Awards Winners
- Qualys Unveils 3 New Services – Some Are FREE!
- OWASP Broken Web Applications – Excelent Learning Tool
- GFI WebMonitor 2009 Review
- ModSecurity 2.5 – New Book Soon To Be Released
- NetWitness releases NextGen version 9.0
- Twitter Weekly Updates for 2009-07-19
- Twitter Weekly Updates for 2009-07-12
- Twitter Weekly Updates for 2009-07-05
- Twitter Weekly Updates for 2009-06-28
