Php: GC Corruption Vulnerability | Vulnerability Managment Blog

Hide threads | Keyboard Shortcuts

vulnerability management 5:49 pm on November 26, 2010 Permalink Reply
Tags: critical watch ( 900 ), extended maintenance ( 4 ), gc corruption issue, php ( 5 ), problem description ( 80 ), security advisories ( 695 ), vulnerability ( 725 ), vulnerability management ( 512 )

Php: GC Corruption Vulnerability

Users of php please be advised of a GC Corruption vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from http://www.criticalwatch.com

MDVSA-2010:239: [MDVSA-2010:239] php – GC Corruption Issue

Problem Description:

A possible double free flaw was found in the imap extension for php

(CVE-2010-4150).

A GC corrupting flaw was found in Zend/zend_gc.c for php-5.3.x that

under certain circumstances could case a segmention fault (crash).

Packages for 2009.0 are provided as of the Extended Maintenance

Program. Please visit this link to learn more:

http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Read more at http://www.criticalwatch.com

See this Amp at http://bit.ly/ejHigd

Reply Cancel reply

c: Compose new post
j: Next post/Next comment
k: Previous post/Previous comment
r: Reply
e: Edit
o: Show/Hide comments
t: Go to top
l: Go to login
h: Show/Hide help
shift + esc: Cancel