oss-sec mailing list archives
Re: CVE Request - PECL-HTTP 3.0.0 Buffer overflow
From: cve-assign () mitre org
Date: Wed, 29 Jun 2016 06:56:57 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
a buffer overflow was discovered in url parsing functions of the PECL HTTP extension. The bug allowed a partial overwrite of a callback function pointer possibly leading to execution of arbitrary code. For the original bug report to the PHP bug tracker, please see: https://bugs.php.net/bug.php?id=71719 included in PECL-HTTP 3.0.1 that was released the same day: https://pecl.php.net/package/pecl_http/3.0.1 Release notes Version 3.0.1 * Fix php-bug #71719: Buffer overflow in HTTP url parsing functions (Mike, rc0r) This flaw was fixed in commit [3724cd7] https://github.com/m6w6/ext-http/commit/3724cd76a28be1d6049b5537232e97ac567ae1f5
Use CVE-2016-5873 for the entire issue described in this commit, i.e., "The parser's offset was not reset when we softfail in scheme parsing and continue to parse a path" and the accompanying change to maxlen in the php_http_url_parse function. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXc6jUAAoJEHb/MwWLVhi2MLwQAK1r9jq7D6vcm23wuNd7yhwz y7VH1oflcJokHblJKyF+pNjZQ9tjGpsAnWqm2GHBEgH4yE297gVYg/WmhNauZZpE RUyCk6OCKXLBBNyFvP9YfJG7KJFp1OejEvmYFv/SD5pUquwv+hAWHwOoZucaESRH ivscwV1ILF4v+n61CPfMHtkmBk8XXggTnvHFGjTkQhekt2makC0pENId9SF4lzh1 xkN9FzHJSviNkymSwX+CSvdUVjxa2UPenwAIjULw6dPZXSKgUWfCEXXFDiYI6Krt jeqxFMiAuKRfeCFnS3pr3wpFs2n7j7dBLL6+nH35Ex58lEaresdDRpRs5F/TIqU1 B6xY30m0JeNaq5a6M7YEA1fWpAsLU6DuaDKkUt7uTSv525TULzmEBXhWh/ZZQbpw rMf+TyA+0cpgcmkTJx0ngmKpnlRuf/gCHf0/2no2N7t0dDqJR/KCEZd8NQSSbqOv GUNi2QYeII0b7ZibmB13W3paqqo2XzvEFeqqKCUoIrYiSEBLLKtu5nbrA9JzJd3E WR8RgGFpKfbntvzqXdmVyqohjh11GGY0qy9/IrSk9AYQHjGO/5/ZZXUpd50h9v7F pgr1tLArI/sNgnuugpyMcJX/bgvbpIPAJdg7hQGldgdoYnBCY/n4F7tZzalOzu6T nCkssdBqv91hfjwnGGd2 =im8F -----END PGP SIGNATURE-----
Current thread:
- CVE Request - PECL-HTTP 3.0.0 Buffer overflow _rc0r (Jun 28)
- Re: CVE Request - PECL-HTTP 3.0.0 Buffer overflow cve-assign (Jun 29)