Month of PHP Bugs – Day 5

Today seems to be a bugs / vulnerability day .Two more PHP vulnerabilities exposed in Day 5 of the Month of PHP Bugs project raising the bug count to 13:

  1. PHP 4 Ovrimos Extension Multiple Vulnerabilities An ASCIIZ character embedded in application/x-www-form-urlencoded POST data terminates the data in the eyes of mod_security, which results in a trivial way to bypass its rules
  2. PHP 4 Ovrimos Extension Multiple Vulnerabilities The Ovrimos extension shipped with PHP 4 considers arguments as direct memory pointers. This allows direct memory access which leads to arbitrary code execution.




Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback. Print This Post Print This Post


Subscribe without commenting


Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.

CommentLuv badge