HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache with PHP. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to gain extended privileges.
d2fd4b44ee57dd3af461a9759dea17febfe05480c61e661d1f8658421113fd53
HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache with PHP. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to gain extended privileges.
a25c67eb88bb44bc6b3fd07f12470e6be94fbd42adcea195f7399637529b6bf2
HP Security Bulletin - Potential security vulnerabilities has been identified with HP-UX Apache. These vulnerabilities could be exploited remotely to execute arbitrary code.
a5edf2e7105f56644d6aebb96f22fbdc98e14edd990d6a0e5cfbee3125fac53d
PHP versions 5.2.4 and below suffer from a htaccess safemode and open_basedir bypass vulnerability via mail.force_extra_parameters.
5cb1872002031e72e4addf8a9712d045e489374143dd9a086c89e49cc9fa814a
Gentoo Linux Security Advisory GLSA 200710-02 - Several vulnerabilities were found in PHP. Mattias Bengtsson and Philip Olausson reported integer overflows in the gdImageCreate() and gdImageCreateTrueColor() functions of the GD library which can cause heap-based buffer overflows. Gerhard Wagner discovered an integer overflow in the chunk_split() function that can lead to a heap-based buffer overflow. Its incomplete fix caused incorrect buffer size calculation due to precision loss, also resulting in a possible heap-based buffer overflow. A buffer overflow in the sqlite_decode_binary() of the SQLite extension found by Stefan Esser that was addressed in PHP 5.2.1 was not fixed correctly. Versions less than 5.2.4_p20070914-r2 are affected.
0954c820cef174c83409c66ee739a3d9955c800b776a51d4b17c9452a9f19875
PHP versions 5.2.3 and below and 4.4.7 and below suffer from a safemode and open_basedir bypass vulnerability.
f47f5676eb24d32466cc30ca9626a14dc5ca7ff212f835ad4a4373299f35b5a1