CVE-2009-5016

Related Files

Gentoo Linux Security Advisory 201110-06

Posted Oct 10, 2011

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-6 - Multiple vulnerabilities were found in PHP, the worst of which leading to remote execution of arbitrary code. Versions less than 5.3.8 are affected.

tags | advisory, remote, arbitrary, php, vulnerability

systems | linux, gentoo

advisories | CVE-2006-7243, CVE-2009-5016

SHA-256 | d937f7ba42bbe2df00e5d03e378b1b5a751d7ff00095557a71a01c62290ba6b0

Download | Favorite | View

Ubuntu Security Notice USN-1042-1

Posted Jan 12, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1042-1 - Various issues have been addressed with php5. It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting (XSS) protections. It was discovered that the XML UTF-8 decoding code did not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which could allow an attacker to bypass cross-site scripting (XSS) protections. It was discovered that attackers might be able to bypass open_basedir() restrictions by passing a specially crafted filename. Other issues Maksymilian Arciemowicz discovered that a NULL pointer derefence in the ZIP archive handling code could allow an attacker to cause a denial of service through a specially crafted ZIP archive.

tags | advisory, denial of service, overflow, xss

systems | linux, ubuntu

advisories | CVE-2009-5016, CVE-2010-3436, CVE-2010-3709, CVE-2010-3710, CVE-2010-3870, CVE-2010-4156, CVE-2010-4409, CVE-2010-4645

SHA-256 | 913a13e39a2c89b9d6470dae0fbd06dbbb46dd11bfc6b11630757c337688701f

Download | Favorite | View