oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8

From: Vincent Danen <vdanen () redhat com>
Date: Sat, 24 Sep 2011 07:56:34 -0600
Could a CVE be assigned for this flaw?  PHP 5.3.7 changed how the is_a()
function worked, and as a result it could allow for remote arbitrary
code execution if certain specific conditions are met (the blog post
referenced below has a good writeup of the flaw).

http://www.byte.nl/blog/2011/09/23/security-bug-in-is_a-function-in-php-5-3-7-5-3-8/
https://bugs.php.net/bug.php?id=55475
https://bugzilla.redhat.com/show_bug.cgi?id=741020

It looks like this is the fix:

http://svn.php.net/viewvc/?view=revision&amp;revision=317183

Thanks.

--
Vincent Danen / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: