oss-sec mailing list archives
Re: Re: CVE Request: ZIP Integer Overflow leads to writing past heap boundary
From: Timo Warns <Timo.Warns () gmail com>
Date: Wed, 18 Mar 2015 21:24:53 +0100
On 2015-03-18, cve-assign () mitre org wrote:
https://bugs.php.net/bug.php?id=69253
https://github.com/php/php-src/commit/ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5

PHP <= 5.6.6 has an Integer overflow vulnerability when opening a ZipArchive with a large number of entries. This results in writing past the heap boundary and crashing PHP.

Use CVE-2015-2331.

Can you please clarify the scope of CVE-2015-2331? Does it only cover the vulnerability in PHP or does it also cover upstream libzip?

Thanks,
Timo