Package name
php
Date
2007-02-22
Advisory ID
MDKSA-2007:048
Affected versions
CS4.0 x86_64 , MNF2.0 i586 , 2006.0 i586 , 2007.0 x86_64 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2006.0 x86_64

Problem description

A number of vulnerabilities were discovered in PHP language.

Many buffer overflow flaws were discovered in the PHP session
extension, the str_replace() function, and the imap_mail_compose()
function. An attacker able to use a PHP application using any of
these functions could trigger these flaws and possibly execute
arbitrary code as the apache user (CVE-2007-0906).

A one-byte memory read will always occur prior to the beginning of a
buffer, which could be triggered, for example, by any use of the
header() function in a script (CVE-2007-0907).

The wddx extension, if used to import WDDX data from an untrusted
source, may allow a random portion of heap memory to be exposed due
to certain WDDX input packets (CVE-2007-0908).

The odbc_result_all() function, if used to display data from a
database,
and if the contents of the database are under the control of an
attacker, could lead to the execution of arbitrary code due to a format
string vulnerability (CVE-2007-0909).

Several flaws in the PHP could allow attackers to clobber certain
super-global variables via unspecified vectors (CVE-2007-0910).

The zend_hash_init() function can be forced into an infinite loop
if unserializing untrusted data on a 64-bit platform, resulting in
the consumption of CPU resources until the script timeout alarm aborts
the execution of the script (CVE-2007-0988).

Updated package have been patched to correct this issue.

Updated packages

CS4.0 x86_64

 e2031a018eabe7291baa8f14e8aea201  corporate/4.0/x86_64/lib64php4_common4-4.4.4-1.4.20060mlcs4.x86_64.rpm
 67e00f079636589757a192db88789be7  corporate/4.0/x86_64/lib64php5_common5-5.1.6-1.5.20060mlcs4.x86_64.rpm
 9e8e832216178be8c5c6cf5a7b46011e  corporate/4.0/x86_64/php-cgi-5.1.6-1.5.20060mlcs4.x86_64.rpm
 0628d22b004b2948ca17dcfadac43e50  corporate/4.0/x86_64/php-cli-5.1.6-1.5.20060mlcs4.x86_64.rpm
 6e5eeeef138b0ae9c458bf3756e551c3  corporate/4.0/x86_64/php-devel-5.1.6-1.5.20060mlcs4.x86_64.rpm
 9af58850637ffed2b37ccfa0c881fb1f  corporate/4.0/x86_64/php-fcgi-5.1.6-1.5.20060mlcs4.x86_64.rpm
 fbacfda0078e058d0a9c55b0951d7b22  corporate/4.0/x86_64/php-imap-5.1.6-1.1.20060mlcs4.x86_64.rpm
 4d4dfb1e89ff5debd4734b09e18282db  corporate/4.0/x86_64/php-odbc-5.1.6-1.1.20060mlcs4.x86_64.rpm
 e6cc37b9941ca1c010a83ecfeb80f5ff  corporate/4.0/x86_64/php-session-5.1.6-1.1.20060mlcs4.x86_64.rpm
 bd9fce2e55b5445324c605eb739a811c  corporate/4.0/x86_64/php-wddx-5.1.6-1.1.20060mlcs4.x86_64.rpm
 6795c92d078f0a9a67abcc44fde3b6ee  corporate/4.0/x86_64/php4-cgi-4.4.4-1.4.20060mlcs4.x86_64.rpm
 d6112d336c1d5bc101cc5a624177b38e  corporate/4.0/x86_64/php4-cli-4.4.4-1.4.20060mlcs4.x86_64.rpm
 b5c7bd35a04a63839c9a43de0392ee29  corporate/4.0/x86_64/php4-devel-4.4.4-1.4.20060mlcs4.x86_64.rpm
 94ae86a2e5b36059eba7f7385df0f79c  corporate/4.0/x86_64/php4-imap-4.4.4-0.1.20060mlcs4.x86_64.rpm
 17166588d6b6052e85f395e15fa6a942  corporate/4.0/x86_64/php4-odbc-4.4.4-0.1.20060mlcs4.x86_64.rpm
 de8d50be6e2bd6f6cdba304f003bcc24  corporate/4.0/x86_64/php4-wddx-4.4.4-0.1.20060mlcs4.x86_64.rpm 
 b912cf9745221ccf19f08c9e9e6e9724  corporate/4.0/SRPMS/php-5.1.6-1.5.20060mlcs4.src.rpm
 12771ab58ff701a26a3dff54e3cb757a  corporate/4.0/SRPMS/php-imap-5.1.6-1.1.20060mlcs4.src.rpm
 3ac73928485a9d003f9ab410da73f496  corporate/4.0/SRPMS/php-odbc-5.1.6-1.1.20060mlcs4.src.rpm
 b6d3c63e004e44c8bef821d14e9dfb95  corporate/4.0/SRPMS/php-session-5.1.6-1.1.20060mlcs4.src.rpm
 c30202c77c1a1a5a8694536733b7efb3  corporate/4.0/SRPMS/php-wddx-5.1.6-1.1.20060mlcs4.src.rpm
 bc686b9f2bd178263c6e211c3781f0fb  corporate/4.0/SRPMS/php4-4.4.4-1.4.20060mlcs4.src.rpm
 4ec41380503d039ba368e1b5a375042f  corporate/4.0/SRPMS/php4-imap-4.4.4-0.1.20060mlcs4.src.rpm
 a151cddb0bb46bf5046091e9ee0683c1  corporate/4.0/SRPMS/php4-odbc-4.4.4-0.1.20060mlcs4.src.rpm
 afa5569276637c92cfec4fca0b700434  corporate/4.0/SRPMS/php4-wddx-4.4.4-0.1.20060mlcs4.src.rpm

MNF2.0 i586

 f67045828bb37de94a16410dd106c839  mnf/2.0/i586/libphp_common432-4.3.4-4.24.M20mdk.i586.rpm
 6d6c9770470709db6c849baf1b79ed7c  mnf/2.0/i586/php-cgi-4.3.4-4.24.M20mdk.i586.rpm
 f5f3a45ffa8c90a53f541dd575dcfde0  mnf/2.0/i586/php-cli-4.3.4-4.24.M20mdk.i586.rpm
 7d8a49eb836d1f7b09afbb67dae77ef4  mnf/2.0/i586/php432-devel-4.3.4-4.24.M20mdk.i586.rpm 
 9ef4f5c1fd355320945faf7bb3904975  mnf/2.0/SRPMS/php-4.3.4-4.24.M20mdk.src.rpm

2006.0 i586

 14a536e0c07f48b553986725223f54dc  2006.0/i586/libphp5_common5-5.0.4-9.19.20060mdk.i586.rpm
 762bc7a2f5500dca2eb7effdb96b6cf0  2006.0/i586/php-cgi-5.0.4-9.19.20060mdk.i586.rpm
 3055c27939b2b6451872b39654c7564f  2006.0/i586/php-cli-5.0.4-9.19.20060mdk.i586.rpm
 042909d1305a2ceeab45fa11fa4ff434  2006.0/i586/php-devel-5.0.4-9.19.20060mdk.i586.rpm
 0bcc6a996a381e6d8ee7c5271bbea166  2006.0/i586/php-fcgi-5.0.4-9.19.20060mdk.i586.rpm
 69bc4325439a8ee9ba99ed28af7ed0e2  2006.0/i586/php-imap-5.0.4-2.5.20060mdk.i586.rpm
 b9a273cc6b7b5e35efea231b27bbc2e5  2006.0/i586/php-odbc-5.0.4-1.1.20060mdk.i586.rpm
 7b499c1b38392d556619692780ed41f4  2006.0/i586/php-session-5.0.4-1.1.20060mdk.i586.rpm 
 452f887b5fcfb2e568ec904b708f611c  2006.0/SRPMS/php-5.0.4-9.19.20060mdk.src.rpm
 0ccd978c2b32e74087d237e334a46779  2006.0/SRPMS/php-imap-5.0.4-2.5.20060mdk.src.rpm
 d7549d0a1c8dd9a8989bbf2519d923fa  2006.0/SRPMS/php-odbc-5.0.4-1.1.20060mdk.src.rpm
 92abeadef4272b1e1dff61c956923d23  2006.0/SRPMS/php-session-5.0.4-1.1.20060mdk.src.rpm

2007.0 x86_64

 0f3a963e7808ed8be25e7b17544c0c05  2007.0/x86_64/lib64php5_common5-5.1.6-1.6mdv2007.0.x86_64.rpm
 b7bb612bfc0cb39bb5648dd0b7ea4d37  2007.0/x86_64/php-cgi-5.1.6-1.6mdv2007.0.x86_64.rpm
 c4b459dc63debe260e8f06d4260e30fd  2007.0/x86_64/php-cli-5.1.6-1.6mdv2007.0.x86_64.rpm
 18534448cbe23231900e3da51333dc67  2007.0/x86_64/php-devel-5.1.6-1.6mdv2007.0.x86_64.rpm
 6bbd4f1f6c4e060de408183798a2f312  2007.0/x86_64/php-fcgi-5.1.6-1.6mdv2007.0.x86_64.rpm
 b8c0a446c7fa433e0678e3e58effccab  2007.0/x86_64/php-imap-5.1.6-1.1mdv2007.0.x86_64.rpm
 f49bb567345c6728baf879e943e15002  2007.0/x86_64/php-odbc-5.1.6-1.1mdv2007.0.x86_64.rpm
 e60efa04d5b12f98a1c9800c8d3d4a21  2007.0/x86_64/php-session-5.1.6-1.1mdv2007.0.x86_64.rpm 
 0b6a180bef35c9b1945f8c6bd81d7106  2007.0/SRPMS/php-5.1.6-1.6mdv2007.0.src.rpm
 7d90955ba0926450ae4d3fe854744f36  2007.0/SRPMS/php-imap-5.1.6-1.1mdv2007.0.src.rpm
 ed1c1f68a2ffc6d9fdaef4bf7ad7f9b3  2007.0/SRPMS/php-odbc-5.1.6-1.1mdv2007.0.src.rpm
 2959ad88632828e143d5ac98fae79a7b  2007.0/SRPMS/php-session-5.1.6-1.1mdv2007.0.src.rpm

2007.0 i586

 cf3ef7426074a91964ef0086459cc889  2007.0/i586/libphp5_common5-5.1.6-1.6mdv2007.0.i586.rpm
 8567efb3d4d7a41bcfeecd1c0a3c64e5  2007.0/i586/php-cgi-5.1.6-1.6mdv2007.0.i586.rpm
 675213bf0e797a294776da1bbcbddc69  2007.0/i586/php-cli-5.1.6-1.6mdv2007.0.i586.rpm
 115be2e3b5ca6b285dd359374ab4cf5c  2007.0/i586/php-devel-5.1.6-1.6mdv2007.0.i586.rpm
 b3ca1cf50e10f01d57d9471baf5f330c  2007.0/i586/php-fcgi-5.1.6-1.6mdv2007.0.i586.rpm
 40225dcc5e0e4293be737a5043436010  2007.0/i586/php-imap-5.1.6-1.1mdv2007.0.i586.rpm
 ba41c7d542423eb42539dc6ab3e2ac9f  2007.0/i586/php-odbc-5.1.6-1.1mdv2007.0.i586.rpm
 639ede4d200b60c4164f396d6e215b69  2007.0/i586/php-session-5.1.6-1.1mdv2007.0.i586.rpm 
 0b6a180bef35c9b1945f8c6bd81d7106  2007.0/SRPMS/php-5.1.6-1.6mdv2007.0.src.rpm
 7d90955ba0926450ae4d3fe854744f36  2007.0/SRPMS/php-imap-5.1.6-1.1mdv2007.0.src.rpm
 ed1c1f68a2ffc6d9fdaef4bf7ad7f9b3  2007.0/SRPMS/php-odbc-5.1.6-1.1mdv2007.0.src.rpm
 2959ad88632828e143d5ac98fae79a7b  2007.0/SRPMS/php-session-5.1.6-1.1mdv2007.0.src.rpm

CS3.0 x86_64

 8ccfdbf8075179e44035bb97f3e75d7d  corporate/3.0/x86_64/lib64php_common432-4.3.4-4.24.C30mdk.x86_64.rpm
 18b243d3ce9ea60777d66980280c37ba  corporate/3.0/x86_64/php-cgi-4.3.4-4.24.C30mdk.x86_64.rpm
 404152b4a6a773895b7eff209f1fb1d5  corporate/3.0/x86_64/php-cli-4.3.4-4.24.C30mdk.x86_64.rpm
 fdeb1accc67c123bace512c287a656c2  corporate/3.0/x86_64/php-imap-4.3.4-1.5.C30mdk.x86_64.rpm
 14a01cc331d4ce489a8f9fdee3959c31  corporate/3.0/x86_64/php432-devel-4.3.4-4.24.C30mdk.x86_64.rpm 
 56f90fe0b8a96f6a6fe5bf0620cd4408  corporate/3.0/SRPMS/php-4.3.4-4.24.C30mdk.src.rpm
 2ab806c5a8f696fdce5e4f1037e1404d  corporate/3.0/SRPMS/php-imap-4.3.4-1.5.C30mdk.src.rpm

CS4.0 i586

 c509fc3368d31c1dca47d065b28f2fea  corporate/4.0/i586/libphp4_common4-4.4.4-1.4.20060mlcs4.i586.rpm
 4901007b7f7d98585f926c76692e3c3e  corporate/4.0/i586/libphp5_common5-5.1.6-1.5.20060mlcs4.i586.rpm
 e3ffeda22f59f1f947acfeba34a9d23f  corporate/4.0/i586/php-cgi-5.1.6-1.5.20060mlcs4.i586.rpm
 aecf1f88ba7c6e964f8f96a90cbf10c2  corporate/4.0/i586/php-cli-5.1.6-1.5.20060mlcs4.i586.rpm
 39268f16090d55a4c969734263036be4  corporate/4.0/i586/php-devel-5.1.6-1.5.20060mlcs4.i586.rpm
 3db35d86b2943802a54cc3272662e91c  corporate/4.0/i586/php-fcgi-5.1.6-1.5.20060mlcs4.i586.rpm
 a8e96cedb24e719f32c83d5e6bc02e3e  corporate/4.0/i586/php-imap-5.1.6-1.1.20060mlcs4.i586.rpm
 169fef5a69d5d3c1b385d218ddaf68fd  corporate/4.0/i586/php-odbc-5.1.6-1.1.20060mlcs4.i586.rpm
 d3191c857cee1b6ed1c9978d0eea5a8c  corporate/4.0/i586/php-session-5.1.6-1.1.20060mlcs4.i586.rpm
 58777631a4cc9b7f064b3eb41b773b60  corporate/4.0/i586/php-wddx-5.1.6-1.1.20060mlcs4.i586.rpm
 981f2fe117ddd4a025b095bd98f988b6  corporate/4.0/i586/php4-cgi-4.4.4-1.4.20060mlcs4.i586.rpm
 d0845bd223c59cc23a487cc11822940c  corporate/4.0/i586/php4-cli-4.4.4-1.4.20060mlcs4.i586.rpm
 ce46c6aa0f58d6b87392e0c7b471dc4b  corporate/4.0/i586/php4-devel-4.4.4-1.4.20060mlcs4.i586.rpm
 cb618d8c7536749f010445b5f7c1ad5a  corporate/4.0/i586/php4-imap-4.4.4-0.1.20060mlcs4.i586.rpm
 df7aa75f1bbdd6051f71d62692417b00  corporate/4.0/i586/php4-odbc-4.4.4-0.1.20060mlcs4.i586.rpm
 a5743e7b00125f3fbfc9815e5bedacfe  corporate/4.0/i586/php4-wddx-4.4.4-0.1.20060mlcs4.i586.rpm 
 b912cf9745221ccf19f08c9e9e6e9724  corporate/4.0/SRPMS/php-5.1.6-1.5.20060mlcs4.src.rpm
 12771ab58ff701a26a3dff54e3cb757a  corporate/4.0/SRPMS/php-imap-5.1.6-1.1.20060mlcs4.src.rpm
 3ac73928485a9d003f9ab410da73f496  corporate/4.0/SRPMS/php-odbc-5.1.6-1.1.20060mlcs4.src.rpm
 b6d3c63e004e44c8bef821d14e9dfb95  corporate/4.0/SRPMS/php-session-5.1.6-1.1.20060mlcs4.src.rpm
 c30202c77c1a1a5a8694536733b7efb3  corporate/4.0/SRPMS/php-wddx-5.1.6-1.1.20060mlcs4.src.rpm
 bc686b9f2bd178263c6e211c3781f0fb  corporate/4.0/SRPMS/php4-4.4.4-1.4.20060mlcs4.src.rpm
 4ec41380503d039ba368e1b5a375042f  corporate/4.0/SRPMS/php4-imap-4.4.4-0.1.20060mlcs4.src.rpm
 a151cddb0bb46bf5046091e9ee0683c1  corporate/4.0/SRPMS/php4-odbc-4.4.4-0.1.20060mlcs4.src.rpm
 afa5569276637c92cfec4fca0b700434  corporate/4.0/SRPMS/php4-wddx-4.4.4-0.1.20060mlcs4.src.rpm

CS3.0 i586

 b976e6b9cadf8cf26eb00611b5b47274  corporate/3.0/i586/libphp_common432-4.3.4-4.24.C30mdk.i586.rpm
 21a6ed462d981442f42aa22f4b2dc09b  corporate/3.0/i586/php-cgi-4.3.4-4.24.C30mdk.i586.rpm
 13515b3d016198d636d37abf967e5c20  corporate/3.0/i586/php-cli-4.3.4-4.24.C30mdk.i586.rpm
 ba84264eeab995355deab7c9323aedd1  corporate/3.0/i586/php-imap-4.3.4-1.5.C30mdk.i586.rpm
 128dc7b4d3b2e925b7a0b1d850d0895a  corporate/3.0/i586/php432-devel-4.3.4-4.24.C30mdk.i586.rpm 
 56f90fe0b8a96f6a6fe5bf0620cd4408  corporate/3.0/SRPMS/php-4.3.4-4.24.C30mdk.src.rpm
 2ab806c5a8f696fdce5e4f1037e1404d  corporate/3.0/SRPMS/php-imap-4.3.4-1.5.C30mdk.src.rpm

2006.0 x86_64

 9e66a63f9b6a4694e3b6440afc4e0bd5  2006.0/x86_64/lib64php5_common5-5.0.4-9.19.20060mdk.x86_64.rpm
 a07a6011defb76f88eba66fc429221e3  2006.0/x86_64/php-cgi-5.0.4-9.19.20060mdk.x86_64.rpm
 964d1e6c84a4a8b20fc5257435e64d6e  2006.0/x86_64/php-cli-5.0.4-9.19.20060mdk.x86_64.rpm
 a0b074323affacd0c3b26302bb791d0a  2006.0/x86_64/php-devel-5.0.4-9.19.20060mdk.x86_64.rpm
 74f357e2b7db2b3c1d7e179ab9341b10  2006.0/x86_64/php-fcgi-5.0.4-9.19.20060mdk.x86_64.rpm
 6bad08844fe2a99bd12defc982e75e5f  2006.0/x86_64/php-imap-5.0.4-2.5.20060mdk.x86_64.rpm
 183f14e7c52ad0b14692661afd478e3c  2006.0/x86_64/php-odbc-5.0.4-1.1.20060mdk.x86_64.rpm
 f156370ad26f48adcc9fbdb17eb04db1  2006.0/x86_64/php-session-5.0.4-1.1.20060mdk.x86_64.rpm 
 452f887b5fcfb2e568ec904b708f611c  2006.0/SRPMS/php-5.0.4-9.19.20060mdk.src.rpm
 0ccd978c2b32e74087d237e334a46779  2006.0/SRPMS/php-imap-5.0.4-2.5.20060mdk.src.rpm
 d7549d0a1c8dd9a8989bbf2519d923fa  2006.0/SRPMS/php-odbc-5.0.4-1.1.20060mdk.src.rpm
 92abeadef4272b1e1dff61c956923d23  2006.0/SRPMS/php-session-5.0.4-1.1.20060mdk.src.rpm

References