FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-1938

This CVE name corresponds to:

Entered Topic
2011-08-20 php -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2011-1938 at cve.mitre.org

Details

Type Candidate
Name CVE-2011-1938
Phase Assigned(20110509)

Description

Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.

References

Source Reference
EXPLOIT-DB 17318
MLIST [oss-security] 20110523 CVE request: PHP socket_connect() - stack buffer overflow
MLIST [oss-security] 20110524 Re: CVE request: PHP socket_connect() - stack buffer overflow
CONFIRM http://svn.php.net/viewvc/php/php-src/trunk/ext/sockets/sockets.c?r1=311369&r2=311368&pathrev=311369
CONFIRM http://svn.php.net/viewvc?view=revision&revision=311369
CONFIRM http://www.php.net/ChangeLog-5.php#5.3.7
CONFIRM http://www.php.net/archive/2011.php#id2011-08-18-1
CONFIRM http://support.apple.com/kb/HT5130
APPLE APPLE-SA-2012-02-01-1
DEBIAN DSA-2399
MANDRIVA MDVSA-2011:165
REDHAT RHSA-2011:1423
BID 49241
OSVDB 72644
SREASON 8262
SREASON 8294
XF php-socketconnect-bo(67606)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.