|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
|
Description |
PHP contains a flaw that may allow a malicious user to access arbitrary memory addresses. The issue is due to the shared memory (shmop) function failing to verify if the type of resource supplied is a shmop resource. By using other types of resources it is possible to read and write to shared memory addresses resulting in a loss of integrity and/or availability.
|
|
Classification |
Location:
Local Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity,
Loss of Availability
Exploit:
Exploit Available
|
|
Solution |
Upgrade to PHP version 4.4.5, PHP version 5.1.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
|
|
Products |
|
PHP
 |
4.0.6 |
4.0.5 |
4.0.4 |
4.0.3 |
4.0.2 |
4.0.1 |
4.0.0 |
4.1.x |
4.2.x |
4.4.0 |
4.4.2 |
4.4.1 |
4.3.x |
5.0.x |
4.4.3 |
5.2.0 |
5.2.1 |
4.4.5 |
4.4.4 |
5.1.x |
4.x |
|
|
|
|
|
|
Credit |
- Stefan Esser - sesser
 hardened-php.net - www.hardened-php.net
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
