oss-sec mailing list archives
Re: CVE Request: PHP int overflow
From: cve-assign () mitre org
Date: Sat, 24 Jan 2015 14:32:12 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I found an integer overflow in PHP, in the conversation of dates to "Julian Day Count" function. The commit, with a PoC can be found here: https://github.com/MegaManSec/php-src/commit/a538d2f5605798422f2746636ecdc300f8ebcaa1
Use CVE-2015-1353. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJUw/LpAAoJEKllVAevmvmsiYoH/Ag+n/8x+blfJyccUhjt39bp nRxsuZw2MIx7COJcoufIxeycu2YGnm1O9RxZBA9lKmVYjb0wjMi9yHogcWkT8UOo i93ARMw7V6UFp1nV+2Kv5BgVh2EcwEBXyDkKkcaN2l68Dm3nRoApMB4i4m7G67BC K2T1L4eq1orQCNaR7n4hup2155pHZbLqZQRMAYn5EGQPr/+zPjgq+PQKes631US5 SXrnthRKOAfZk9QVIlxf5t1JfVvC3Cta0HgETTaXJ8TbqEAA5AXw8hl+RmhWgFnI Cto73LM+iiA1tyxDXdXnfdRqV/uxmqK+FCgO6asyCuT7EYOpBZ74Wmq1z+RVJRc= =VLR4 -----END PGP SIGNATURE-----
Current thread:
- CVE Request: PHP int overflow Joshua Rogers (Jan 20)
- Re: CVE Request: PHP int overflow cve-assign (Jan 24)