CVE-2011-0420

Related Files

Debian Security Advisory 2266-2

Posted Jul 1, 2011

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2266-2 - The update for CVE-2010-2531 for the old stabledistribution (lenny) introduced a regression, which lead to additional output being written to stdout.

tags | advisory

systems | linux, debian

advisories | CVE-2010-2531, CVE-2011-0420, CVE-2011-0421, CVE-2011-0708, CVE-2011-1153, CVE-2011-1466, CVE-2011-1471, CVE-2011-2202

SHA-256 | f8f9215e818490fc2f7ebd9064ee594fd02d03d6a1ed09e7ff12fa39b629cd00

Download | Favorite | View

Debian Security Advisory 2266-1

Posted Jun 30, 2011

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2266-1 - Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, php, vulnerability

systems | linux, debian

advisories | CVE-2010-2531, CVE-2011-0420, CVE-2011-0421, CVE-2011-0708, CVE-2011-1153, CVE-2011-1466, CVE-2011-1471, CVE-2011-2202

SHA-256 | 40ee0fdcf0a402b4e148929bf52520da5205fe15c50c8dae5bbc534b47bdd4b6

Download | Favorite | View

Ubuntu Security Notice USN-1126-2

Posted May 5, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1126-2 - USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS.

tags | advisory, php, vulnerability

systems | linux, ubuntu

advisories | CVE-2011-1144, CVE-2006-7243, CVE-2010-4697, CVE-2010-4698, CVE-2011-0420, CVE-2011-0421, CVE-2011-0441, CVE-2011-0708, CVE-2011-1072, CVE-2011-1092, CVE-2011-1144, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1466, CVE-2011-1467, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471

SHA-256 | d3109ede1f1b610fb18480ae30cb346b0d85aac84aedfeadd43a5eb1ad6fe0a2

Download | Favorite | View

Ubuntu Security Notice USN-1126-1

Posted Apr 29, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1126-1 - Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite arbitrary files via a symlink attack on the package.xml file. Martin Barbella discovered a buffer overflow in the PHP GD extension that allows an attacker to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function. It was discovered that PHP accepts the \0 character in a pathname, which might allow an attacker to bypass intended access restrictions by placing a safe file extension after this character. Various other issues with PHP 5 were also identified and resolved.

tags | advisory, denial of service, overflow, arbitrary, local, php

systems | linux, ubuntu

advisories | CVE-2011-1144, CVE-2006-7243, CVE-2010-4697, CVE-2010-4698, CVE-2011-0420, CVE-2011-0421, CVE-2011-0441, CVE-2011-0708, CVE-2011-1072, CVE-2011-1092, CVE-2011-1144, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1466, CVE-2011-1467, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471

SHA-256 | 0d1f20dac678d851bff44d385515866f5fb9db107a028a3a3bb2ee850d32fc53

Download | Favorite | View

PHP 5.2.5 grapheme_extract() NULL Pointer Dereference

Posted Feb 16, 2011

Authored by Maksymilian Arciemowicz

PHP version 5.2.5 suffers from a grapheme_extract() null pointer dereference vulnerability.

tags | exploit, php

advisories | CVE-2011-0420

SHA-256 | 03b8ac9c97cec89d34b8ed048ab62fda0ab9ae70423a1f1f02f86a029656b0fe

Download | Favorite | View